Subject: Re: chown, quotas and security
To: None <email@example.com>
From: Greg A. Woods <firstname.lastname@example.org>
Date: 11/07/1994 12:38:39
[ On Sun, November 6, 1994 at 22:58:27 (est), email@example.com wrote: ]
> Subject: Re: chown, quotas and security
> The chown(2) system call turns off the setuid and/or setgid bits as
> appropriate, so this is not a concern.
It doesn't. (Proof by experimentation)
But in my reading of the code, it *should*, at least for ufs
filesystems. ufs_setattr() calls ufs_chown(), which does the mask, and
then it calls ufs_chmod(), which should set as per the masked bits....
Is there some possibility that 0.9 filesystem support breaks this (we're
still running with 0.9 filesystems on a NetBSD-1.0_BETA kernel).
Greg A. Woods
+1 416 443-1734 VE3TCP robohack!woods
Planix, Inc. <firstname.lastname@example.org>; UniForum Canada <email@example.com>