Subject: Re: chown, quotas and security
To: Greg A. Woods <woods@kuma.web.net>
From: I can teach you how to fish... <greywolf@autodesk.com>
List: current-users
Date: 11/07/1994 11:35:10

Well, this has certainly opened an array of pointers to arrays of cans of
worms...

#define AUTHOR "woods@kuma.web.net (Greg A. Woods)"

/*
 * [ On Mon, November  7, 1994 at 10:29:34 (-0800), I can teach you how to fish... wrote: ]
 * > Subject: Re: chown, quotas and security
 * >
 * > If you enable chown(2) for normal users in the kernel, you will find that
 * > the set?id bits will be stripped.  The reason your experiment is not valid
 * > is because chown(8) was made setuid.  If you fool chown into thinking
 * > you're root, expect it to behave accordingly.
 * 
 * Well, then it (or its documentation) is broken.  I didn't fool chown(2)
 * by making chown(8) setuid.  Chown(2) should be checking the real uid,
 * not effective.
 * 
 * In fact, the documentation completely misses a whole raft of "features"
 * in chown(2), and implies that it simply returns EPERM if "the effective
					   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 * user ID is not the super-user."
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

That's the key, right there.  The set?id bits set the *effective*
{user,group} ID [as appropriate], not the real uid.  If they set the
real (possibly as well as the effective) ID, there would be no need
for sete?id, setr?id, set?id to be separate calls, let alone the need
for them to be called once the program is executed.

In actuality, suser(), which is called by most system calls, looks at
cr_uid, which is the effective user ID (cr_ruid is the real user ID).

This has been since time immemorial.  Nothing is broken.

 * 
 * -- 
 * 						Greg A. Woods
 * 
 * +1 416 443-1734			VE3TCP		robohack!woods
 * Planix, Inc. <woods@planix.com>; UniForum Canada <woods@uniforum.ca>
 */

#undef AUTHOR	/* "woods@kuma.web.net (Greg A. Woods)" */



--
 _______Wizardry is dead._____ _____WHO: Greywolf (my nameplate even says so)
/ ___\ _ \ __\ V / \  / /__ \| | __/WHAT: UNIX System Mangler...er, Admin
\ \| |   < _| ` ' \ '` / \/ /|_| _/ WHERE: Autodesk, Inc.  3 Harbor Dr.
 \___|_|\_\__\|_|  \/\/ \__/___/_|  Sausalito, CA 94965 (415) 332-2344 x4219
	see also: gandalf@netcom.com
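
The distinction drawn in the message above, as an added example that is not part of the original post or of any kernel source: a simplified user-space model in which exec of a set-user-ID file changes only cr_uid, and the privilege test looks only at cr_uid. The names ucred_model, suser_model, exec_model and caller_may_chown are hypothetical, as are the UIDs; caller_may_chown is an assumed real-UID check that a setuid-root tool would have to make itself.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

/* Simplified model of the two credential fields named in the message. */
struct ucred_model {
    uid_t cr_uid;   /* effective user ID: the field suser() looks at */
    uid_t cr_ruid;  /* real user ID: who actually invoked the program */
};

/* Privilege test as the message describes it: effective UID only. */
static int suser_model(const struct ucred_model *cr)
{
    return cr->cr_uid == 0 ? 0 : EPERM;
}

/* exec of a set-user-ID file: only the effective ID changes. */
static struct ucred_model exec_model(struct ucred_model cr, uid_t file_owner,
                                     int setuid_bit)
{
    if (setuid_bit)
        cr.cr_uid = file_owner;
    return cr;
}

/* Hypothetical check a setuid-root tool must do itself, on the real UID:
 * only root or the file's current owner may change its ownership. */
static int caller_may_chown(const struct ucred_model *cr, uid_t current_owner)
{
    return (cr->cr_ruid == 0 || cr->cr_ruid == current_owner) ? 0 : EPERM;
}

int main(void)
{
    struct ucred_model user = { 1000, 1000 };           /* constructed UID */
    struct ucred_model plain = exec_model(user, 0, 0);  /* ordinary chown(8) */
    struct ucred_model suid = exec_model(user, 0, 1);   /* chown(8) made setuid root */

    printf("plain:  suser=%d\n", suser_model(&plain));
    printf("setuid: suser=%d ruid=%d\n", suser_model(&suid), (int)suid.cr_ruid);
    printf("setuid tool, file owned by 2000: caller check=%d\n",
           caller_may_chown(&suid, 2000));
    return 0;
}
```
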