[ On Mon, November  7, 1994 at 20:17:43 (+1100), matthew green wrote: ]
> Subject: Re: chown, quotas and security 
>
>    
>    The chown(2) system call turns off the setuid and/or setgid bits as
>    appropriate, so this is not a concern.
> 
> except in this case:
> 
> splode /tmp# ls -l sh
> -r-xr-xr-x  1 mrg  wheel  335872 Nov  7 20:05 sh
> splode /tmp# chmod u+s sh
> splode /tmp# chown root sh
> splode /tmp# ls -l sh
> -r-sr-xr-x  1 root  wheel  335872 Nov  7 20:05 sh

Well of course!  Root can do anything, and should be able to....

-- 
						Greg A. Woods

+1 416 443-1734			VE3TCP		robohack!woods
Planix, Inc. <woods@planix.com>; UniForum Canada <woods@uniforum.ca>