Bugtraq mailing list archives
Re: chown, quotas and security
From: neil () legless demon co uk (Neil Woods)
Date: Sun, 6 Nov 1994 03:57:56 +0100 (GMT+0100)
I agree that cluttering up the kernel would be wrong, though, and would suggest either a setuid c wrapper around chown to check ownership or hacking chown to do the check and making it setuid, the former probably being preferable.
I disagree, the kernel is the correct place - indeed svr4 has a kernel config option, RSTCHOWN, to do precisely this. The setuid wrapper would introduce a race condition, you'd need to write your own version of chown using fchown, and be extremely careful checking perms. Neil -- Bull in the Heather, Me and My Charms, The Lights, Sensual World, Go, Ritual, Handsome and Gretel, Take Me, Blue Room, Drunken Butterfly, She's Lost Control. ...like a badger with an afro throwing sparklers at the Pope...
Current thread:
- Re: chown, quotas and security Neil Woods (Nov 05)
- <Possible follow-ups>
- Re: chown, quotas and security Neil Woods (Nov 05)
- Re: chown, quotas and security Neil Woods (Nov 05)
- Re: chown, quotas and security der Mouse (Nov 06)