Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!ut-emx!ibmchs!auschs!awdprime!greenber.austin.ibm.com!jfh
From: jfh@greenber.austin.ibm.com (John F Haugh II)
Newsgroups: comp.unix.aix
Subject: Re: Where does getty get its information?
Message-ID: <6635@awdprime.UUCP>
Date: 12 Apr 91 21:11:54 GMT
References: <1991Apr08.154742.19459@edm.uucp> <6533@awdprime.UUCP> <1991Apr11.222123.36169@edm.uucp>
Sender: news@awdprime.UUCP
Organization: Best Care South of the Red River, LCC, Austin, Republic of Texas
Lines: 20

In article <1991Apr11.222123.36169@edm.uucp> geoff@edm.uucp (Geoff Coleman) writes:
>         What I've been asking for is to allow someone other than root to
>own the ports but not just anybody. If I could have uucp own my
>bi-directional ports with permission 0660 and owned by uucp I would be
>happy. I can do this on SYS V r3 why not in AIX.

You are correct that someone other than root should =ideally= own
the ports, but the problem is that a random user ID cannot give a
file back to its owner unless that process has root authority.  The
reason is that the chown() system call is restricted to root
privileges only.  Were that not the case (and it isn't in SVR3), it
would be trivial to set a file to and from uucp ownership with a
process that were merely setuid to uucp.

However, AIX does have POSIX_CHOWN_RESTRICTED set, as required by
FIPS I believe, so the more SVR3-like technique of flipping between
a non-root setuid UID and the real UID doesn't work due to the
failing chown() call.
-- 
John F. Haugh II        | I've Been Moved |    MaBellNet: (512) 838-4340
SneakerNet: 809/1D064   |     AGAIN !     |      VNET: LCCB386 at AUSVMQ
BangNet: ..!cs.utexas.edu!ibmchs!auschs!snowball.austin.ibm.com!jfh (e-i-e-i-o)
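
The chown() rule discussed in the post above, as an added example that is not part of the original post or any AIX code: it queries the restriction with pathconf() and models the two-step port handoff under both policies. The function names and the sample UIDs are assumptions made for illustration, and group changes are left out of the model.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Ask the system whether chown() giveaway is restricted for this path.
 * POSIX: any pathconf() result other than -1 means the restriction applies.
 * Returns 1 = restricted, 0 = not restricted, -1 = pathconf() error. */
int chown_is_restricted(const char *path)
{
    errno = 0;
    if (pathconf(path, _PC_CHOWN_RESTRICTED) != -1)
        return 1;
    return errno ? -1 : 0;
}

/* Model of the chown() ownership check (hypothetical helper).
 * euid: effective UID of the caller; owner: current owner of the file. */
int chown_allowed(uid_t euid, uid_t owner, uid_t new_owner, int restricted)
{
    if (euid == 0)
        return 1;                       /* root authority: always allowed */
    if (euid != owner)
        return 0;                       /* not the caller's file */
    if (restricted)
        return new_owner == owner;      /* owner may not give the file away */
    return 1;                           /* SVR3-style giveaway by the owner */
}

/* The handoff from the post: a program setuid to uucp gives the port to the
 * user, later flips its effective UID to the real UID and gives it back.
 * Returns how many of the two chown() steps succeed. */
int handoff_steps(uid_t uucp, uid_t user, int restricted)
{
    /* step 1: euid = uucp, port owned by uucp, chown to user */
    if (!chown_allowed(uucp, uucp, user, restricted)) return 0;
    /* step 2: euid = real UID (user), port owned by user, chown to uucp */
    return chown_allowed(user, user, uucp, restricted) ? 2 : 1;
}

int main(void)
{
    uid_t uucp = 5, user = 201;         /* constructed sample UIDs */
    printf("this system, \"/\": restricted=%d\n", chown_is_restricted("/"));
    printf("unrestricted: %d of 2 steps\n", handoff_steps(uucp, user, 0));
    printf("restricted:   %d of 2 steps\n", handoff_steps(uucp, user, 1));
    return 0;
}
```

With the restriction in force the handoff stops at the first chown(), which is why the port handling has to run with root authority.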