Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!ibmarc!rufus!drake.almaden.ibm.com!drake
From: drake@drake.almaden.ibm.com
Newsgroups: comp.unix.aix
Subject: Re: chown broken in 3.1 ?
Message-ID: <158@rufus.UUCP>
Date: 6 Sep 90 17:15:14 GMT
References: <384@morpho.UUCP>
Sender: news@rufus.UUCP
Distribution: na
Organization: IBM Almaden Research Center
Lines: 25

In article <384@morpho.UUCP> larry@morpho.UUCP (Larry Morris) writes:
>The chown() call now requires that co have root permissions in order to
>perform the chown.  
>
>I can see where this might fix some serious security holes inherent with
>remote file systems, but does the rest of the world do this?  Or is this
>another one of IBM's better ideas?  

The POSIX 1003.1 spec allows (but does not mandate) this behavior.  The
commentary portion of the spec discusses this issue:

  System III and System V allow a user to give away files ....  This is
  a serious problem for implementations which are intended to meet 
  government security regulations.  Version 7 and 4.3BSD permit only the
  super-user to change the user ID of a file.  ... The standard uses 
  (the word) "may" to permit secure implementations while not disallowing
  System V.

So this isn't an IBM invention, by any means; it's part of IBM's intent
to conform to POSIX and to emulate BSD as closely as possible.


Sam Drake / IBM Almaden Research Center 
Internet:  drake@ibm.com            BITNET:  DRAKE at ALMADEN
Usenet:    ...!uunet!ibmarc!drake   Phone:   (408) 927-1861