Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!usc!csun!kithrup!sef
From: sef@kithrup.COM (Sean Eric Fagan)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Message-ID: <1990Dec11.101510.10777@kithrup.COM>
Date: 11 Dec 90 10:15:10 GMT
References: <109958@convex.convex.com> <18786@rpp386.cactus.org> <660602312.10476@mindcraft.com>
Organization: Kithrup Enterprises, Ltd.
Lines: 19

In article <660602312.10476@mindcraft.com> karish@mindcraft.com (Chuck Karish) writes:
>That's why FIPS 151-1 mandates that the POSIX.1 _POSIX_CHOWN_RESTRICTED
>option be supported.

Believe it or not, this is one feature of SCO's C2 stuff that I like.  It's
possible to set things up such that any specific user can use chown(), or
only root, or all, or any combination in betwen.  It's very nice, in a way.
(I can just see them extending it:  a fork() priv. bit, an exec() priv. bit,
a stat() priv. bit, etc... 8-))

If I had more users on kithrup, I would probably set that up (depending on
the users; for a generic, dial-up thing, yeah; if it were just friends of
mine, then, no, I guess not).

-- 
Sean Eric Fagan  | "I made the universe, but please don't blame me for it;
sef@kithrup.COM  |  I had a bellyache at the time."
-----------------+           -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.