UNIX file setuid security hole?

mwm at eris.UUCP mwm at eris.UUCP
Sat Mar 14 09:56:40 AEST 1987


Sigh. Much disinformation floating around about this.

Straight data:

1) On BSD systems, only root can chown files.

2) On AT&T systems, you can give files away if you own them; root can
chown files arbitrarily. Even then, the setuid & setgid bits are
turned off if it isn't root doing the chown.

The above can be found in the man pages for both systems. Perusing the
source reveals:

3) On 4BSD systems, you can give a file to yourself without errors
(odd, but probably because the chown system call subsumes the chgrp
system call). If you aren't root, chown will turn off the setuid &
setgid bits.

Finally, it should be noted that the ability to give away files really
mangles disk usage tracking, and creates major security holes
elsewhere (due to bogosity in some system utilities).

	<mike
--
But I'll survive, no you won't catch me,		Mike Meyer
I'll resist the urge that is tempting me,		ucbvax!mwm
I'll avert my eyes, keep you off my knee,		mwm at berkeley.edu
But it feels so good when you talk to me.		mwm at ucbjade.BITNET
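
The behaviour described in points 2 and 3 can be checked on a present-day POSIX system with the added example below; it is not part of the original post. The function name `setid_bits_after_chown` and the `/tmp` scratch directory are assumptions made for the example. It marks an empty scratch file setuid and setgid, gives the file to its current owner, and reports which of the two bits survive.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define SETID_BITS (S_ISUID | S_ISGID)

/* Hypothetical helper: returns the set-id bits still present after the file
 * is chowned to its current owner, or -1 on error. *before receives the
 * set-id bits that were actually set before the chown. */
int setid_bits_after_chown(const char *dir, mode_t *before)
{
    char path[4096];
    struct stat st;
    int fd, result = -1;

    if (snprintf(path, sizeof path, "%s/chowntest.XXXXXX", dir) >= (int)sizeof path)
        return -1;
    if ((fd = mkstemp(path)) < 0)
        return -1;

    /* The scratch file is empty and owned by the caller, so 6755 grants nothing. */
    if (fchmod(fd, SETID_BITS | 0755) == 0 && fstat(fd, &st) == 0) {
        *before = st.st_mode & SETID_BITS;
        /* "Give the file to yourself": same owner, group left unchanged. */
        if (fchown(fd, st.st_uid, (gid_t)-1) == 0 && fstat(fd, &st) == 0)
            result = (int)(st.st_mode & SETID_BITS);
    }
    close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    mode_t before = 0;
    int after = setid_bits_after_chown("/tmp", &before);  /* assumed scratch dir */
    if (after < 0) { perror("setid_bits_after_chown"); return 2; }
    printf("before chown: %04o  after chown: %04o\n", (unsigned)before, (unsigned)after);
    puts(after == 0 ? "chown cleared the set-id bits" : "set-id bits SURVIVED chown");
    return after == 0 ? 0 : 1;
}
```

Run it as an ordinary user; POSIX leaves the result unspecified when a privileged process does the chown, so a run as root shows only what that particular kernel does.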



More information about the Comp.unix.wizards mailing list