| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Jul 2013 10:29:01 +0200
From: "Ulrich Windl" <Ulrich.Windl@...uni-regensburg.de>
To: <linux-kernel@...r.kernel.org>
Cc: "Ulrich Windl" <Ulrich.Windl@...uni-regensburg.de>
Subject: chown: s-Bits: to clear or not to clear
Hi folks,
I discovered (SLES11 SP2 with kernel 3.0.80) that a chown executed by root (from non-root to non-root user) clears any s-Bits that were set for the old owner.
The man page (man 2 chown) says:
When the owner or group of an executable file are changed by a non-
superuser, the S_ISUID and S_ISGID mode bits are cleared. POSIX does
not specify whether this also should happen when root does the chown();
the Linux behavior depends on the kernel version. In case of a non-
group-executable file (i.e., one for which the S_IXGRP bit is not set)
the S_ISGID bit indicates mandatory locking, and is not cleared by a
chown().
As there are good arguments for and against clearing the s-Bits during chown, there are probably only good arguments for having an option for chown(1) to preserve the s-Bits. What do you think? (I know this is the wrong list for discussing utils).
Regards,
Ulrich Windl
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists