Xref: utzoo comp.unix.questions:14980 comp.unix.wizards:17319
Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!pt.cs.cmu.edu!sei!godot!ellis
From: ellis@godot.psc.edu (James Ellis)
Newsgroups: comp.unix.questions,comp.unix.wizards
Subject: Re: chown (was: at files and permissions)
Keywords: chown
Message-ID: <639@godot.psc.edu>
Date: 13 Jul 89 21:54:06 GMT
References: <1894@cbnewsh.ATT.COM> <669@lzaz.ATT.COM> <8072@bsu-cs.bsu.edu> <4884@ficc.uu.net> <18414@mimsy.UUCP> <10501@smoke.BRL.MIL> <34422@bu-cs.BU.EDU>
Reply-To: ellis@godot.psc.edu (James Ellis)
Organization: Pittsburgh Supercomputing Center
Lines: 36

In article <34422@bu-cs.BU.EDU> bzs@bu-cs.BU.EDU (Barry Shein) writes:
>From: gwyn@smoke.BRL.MIL (Doug Gwyn)
>>use of "du|sort -rn" to find where the problems are.
>...
>No, it can't be dealt with with "du|sort -rn" except on very small systems

With respect to disk quotas, certainly the du mechanism works well for
those environments that can survive with motd or mailed warnings.
(Actually, I prefer a du or ls -R that divides by the number of links to
the file. But same idea.) If you have users that ignore you then you
either need policy sanctions or dynamic quotas built into the kernel.
This is all clear enough - I'm sure Doug doesn't need to be lectured
about how to run large systems.

In article <4884@ficc.uu.net> peter@ficc.uu.net (Peter da Silva) writes:
>I certainly hope that V.4 doesn't have this *bogus* restriction.
>...

But what is this fascination System V has with chown? It seems to me to
be a security problem begging to be misused. I'll admit that a wide-open
chown can make life easier for a few system utilities - I know how hard
it is to write a secure setuid program - but do not believe these wins
outweigh the problems with users being able to give away files. When I
own a file, I have responsibility for it, and I do not like for users to
be able to foist that responsibility upon me without my knowledge.

If Doug needs to change file ownerships often then he should have his
setuid program that checks and logs what he's doing.

So. Are there other solutions provided by wide-open chown? (That's your
cue, Peter.)

I'll summarize replies to me; replies to the net summarize themselves...

--
Jim Ellis
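
The "du that divides by the number of links" mentioned in the post above, as an added example that is not part of the original message: a per-owner usage report in which each directory entry is charged size/nlink. The function names are hypothetical, and apparent size (st_size) is assumed instead of allocated blocks so the arithmetic is exact. Because the charge follows st_uid, a file given away with chown is charged to its new owner.

```python
import os
import stat
from collections import defaultdict


def usage_by_owner(root):
    """Return {uid: bytes} for regular files under root.

    Each directory entry is charged st_size / st_nlink, so a file with N
    hard links is counted once in total when all N links are inside root,
    and only its share when some links live elsewhere.
    """
    totals = defaultdict(float)
    for dirpath, _dirnames, filenames in os.walk(root):  # symlinks not followed
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # entry vanished or is unreadable; skip it
            if not stat.S_ISREG(st.st_mode):
                continue  # ignore symlinks, devices, FIFOs, sockets
            # Assumption: apparent size, not allocated blocks as du reports.
            totals[st.st_uid] += st.st_size / st.st_nlink
    return dict(totals)


def report(root):
    """Rows of (bytes, uid), largest consumer first, like `du | sort -rn`."""
    return sorted(((b, uid) for uid, b in usage_by_owner(root).items()),
                  reverse=True)


if __name__ == "__main__":
    for nbytes, uid in report("."):
        print(f"{nbytes:14.0f}  uid {uid}")
```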