Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!ucsd!ames!mindcraft.com!karish
From: karish@mindcraft.com (Chuck Karish)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Message-ID: <660809780.21869@mindcraft.com>
Date: 10 Dec 90 06:16:18 GMT
References: <18786@rpp386.cactus.org> <1990Dec7.171501.18028@mp.cs.niu.edu> <18792@rpp386.cactus.org> <110075@convex.convex.com> <18796@rpp386.cactus.org>
Organization: Mindcraft, Inc.
Lines: 28

In article <18796@rpp386.cactus.org> jfh@rpp386.cactus.org
(John F Haugh II) writes:
>However, in a co-operative environment (such as commercial installations)
>there is quite a bit of file-sharing going on in a very ad hoc fashion.

That's why Berkeley systems support supplementary groups.  File sharing
is supported in a manageable fashion.

>User's should not be forced to contact an administrator, or perform file
>access mode mumbo-jumbo to give a file away.

This surprises me a little.  I'd thought that the most militant
computer freedom zealots were BSD types.

Anyway, changing a file's ownership isn't necessary for sharing.
Changing its ownership handicaps the previous owner's access just
as it enhances the new owner's access.  Group access is the
right way to share files.  This is implemented in a reasonable
way in BSD systems, but the POSIX.1/FIPS 151-1 translation is
flawed, as I've pointed out here before.

>Why FIPS went with chown() being restricted is a mystery ...

Hint: FIPS 151-1 also requires that NGROUPS_MAX be non-zero.
-- 

	Chuck Karish		karish@mindcraft.com
	Mindcraft, Inc.		(415) 323-9000