>> Clears any suid or sgid bits if owner or group changes.  Even something
>> insane like clearing the suid bit if you change the group ownership.

Actually its worse than that.

# touch fubar
# chmod 4755 fubar
# ls -l fubar
# -rwsr-xr-x  1 root  wheel  0 Dec 19 09:17 fubar*
# chown root fubar
# ls -l fubar
# -rwxr-xr-x  1 root  wheel  0 Dec 19 09:17 fubar*

So even if the effect of the chown/chgrp is zero, we lose suid.

>1) POSIX.1 *requires* chown(2) to clear the set[gu]id bits, at least

Yes but it does not _require_ the above.

>2) Every "other modern un*x in the world" does this, at least for the
>   non-superuser case.

No other unix behaves as above.  I know because my configs tool
has been installing s/w on SunOS,Solaris,HP-UX,Ultrix,IRIX,
Pyramids and of course *BSD for years and never tripped over the 
above until NetBSD 1.3.

The work around was simple - just do the chmod last, and yes I agree it
should always have done that, but the fact remains that NetBSD is clearing
suid/sgid bits under circumstances that no other unix does (I've never
used Linux btw).  This is not good.


See above.

--sjg