APLawrence.com - Resources for Unix and Linux Systems, Bloggers and the self-employed

2005/05/24 restrict_chown, rstchown (restricting users from changing ownership)


© May 2005 Tony Lawrence
May 2005

Way back when, chown could be run by everyone. Berkeley Unix saw that as a bad idea and made it root only. Nowadays POSIX says it's up to you.

The default for Unix systems is that users can't change the ownership of files. That's probably the way it should be left, as the ability to do so opens up very bad security issues. Nevertheless, some systems allow this. It may be from a setting in /etc/system:

set rstchown=1

Or, it may be "sysctl" that controls this:

sysctl -a | grep chown
fs.xfs.restrict_chown = 1

For these, a setting of 0 would allow non-root users to use chown.

On other systems, this sort of thing is a "privilege": HP-UX setprivgrp lets you control this (and other things) at the group level. Of course this can be allowed through sudo or similar privilege escalation


Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

->
-> 2005/05/24 restrict_chown, rstchown (restricting users from changing ownership)

1 comment


Inexpensive and informative Apple related e-books:

Take Control of Apple Mail, Third Edition

Photos for Mac: A Take Control Crash Course

Take Control of Preview

Take Control of the Mac Command Line with Terminal, Second Edition

Take Control of Pages




More Articles by © Tony Lawrence






Wed May 25 04:56:15 2005: 568   bela


"Berkeley Unix saw that as a bad idea and made it root only."

That's correct but incomplete. Berkeley introduced per-user filesystem quotas to Unix. The quota system worked by keeping track of how many blocks were owned by each UID on a filesystem. It was necessary to restrict chown() so that users couldn't beat the quota system by giving away their large files to another user with more free quota (or e.g. root, with unlimited quota).

Without restricted chown(), you could make a directory with mode 700 and create world-read/write files in it owned by someone else. You would have full access (including the right to delete the files -- granted by ownership of the parent directory), no quota charge, and nobody else could access the files.

So chown() became a privilege to be won.

>Bela<

------------------------

Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us


Printer Friendly Version





A Perl script is "correct" if it gets the job done before your boss fires you. (Larry Wall)




Linux posts

Troubleshooting posts


This post tagged:

Security



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode