non-superuser chown(2)s considered harmful

John F Haugh II jfh at rpp386.cactus.org
Sat Dec 15 03:33:26 AEST 1990


In article <1990Dec13.204819.17846 at chinet.chi.il.us> les at chinet.chi.il.us (Leslie Mikesell) writes:
>In article <1990Dec11.102225.10925 at kithrup.COM> sef at kithrup.COM (Sean Eric Fagan) writes:
>>Ok. I create a file, for the sole purpose of giving to a friend of mine, who
>>doesn't happen to be in my group.  Without making the file world-readable
>>(which I don't want to do for various reasons), how do I let my friend read
>>it?
>
>Encrypt it and give him the key.  Or mail it.

All you are doing is proving the point that root-only chown() makes
for an administrative nightmare.  Nowhere on the crypt manpage does
it mention that crypt can be used to change the ownership of a file.
Mail is pretty much the same story, with the added complexity of
dealing with binary files.

If you really want to have a chown that protects the recipient, have
chown ask for the recipient's password.  Authenticate the luser and
then do the chown.  Now the chown command can be used to chown files,
and you don't have to use crypt/mail/uuencode/etc.
-- 
John F. Haugh II                             UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 832-8832                           Domain: jfh at rpp386.cactus.org
"While you are here, your wives and girlfriends are dating handsome American
 movie and TV stars. Stars like Tom Selleck, Bruce Willis, and Bart Simpson."



More information about the Comp.unix.internals mailing list