non-superuser chown(2)s considered harmful
Tony L. Hansen
hansen at pegasus.att.com
Tue Dec 11 11:56:44 AEST 1990
< Exactly. This is why several people have been arguing for chown() to
< work between current and effective uids. Does chown() have any other
< reasonable use?
The mail(1) command uses chown(2) and set-gid to give a secure mail system. I
feel that other methods are fraught with potential security holes.
Tony Hansen
att!pegasus!hansen, attmail!tony
hansen at pegasus.att.com
More information about the Comp.unix.internals
mailing list