[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-user
Subject:    Re: Unrestrict chown?
From:       "Boyd Stephen Smith Jr." <bss03 () volumehost ! net>
Date:       2008-12-09 22:53:53
Message-ID: 200812091653.58117.bss03 () volumehost ! net
[Download RAW message or body]

On Tuesday 2008 December 09 16:21:54 Scott Gifford wrote:
>Christopher Zimmermann <madroach@zakweb.de> writes:
>> Hi!
>>
>> On my debian box using linux kernel its not possible to give away files,
>> only root can change file owners. Is it possible to configure this
>> behaviour and allow all users to chown their own files?
>
>As others have mentioned, normally this is a bad idea.  But if you
>have a specialized need for it, you can write a small program to open
>the file, check the owner with fstat, then change the owner with
>fchown.  If you install this program setuid it will let you give this
>capability to your users.
>
>If you used this approach, you would need to take great care in
>writing the program so it doesn't allow users to give away others'
>files.

While your technique is effective, it might be better to modify the existing 
chmod source.  Otherwise you lose (or have to re-implement) all the nice 
features like -R.  Do it right, (including handling the case where chown 
isn't suid, as well as various security issues) and you might be able to get 
upstream to accept it, as an option 
(e.g. ./configure --with-restricted-chown-override-when-suid-root).
-- 
Boyd Stephen Smith Jr.                     ,= ,-_-. =. 
bss03@volumehost.net                      ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy           `-'(. .)`-' 
http://iguanasuicide.org/                      \_/     

["signature.asc" (application/pgp-signature)]
-- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


[prev in list] [next in list] [prev in thread] [next in thread]