chgrp resets the setuid and getgid bits

Cameron Simpson cs at
Wed Jul 26 01:57:50 UTC 2006

On 25Jul2006 22:30, Ben Stringer <ben at> wrote:
| On Tue, 2006-07-25 at 14:43 +0300, Markku Kolkka wrote:
| > Ben Stringer kirjoitti viestiss??n (l?hetysaika tiistai, 25. 
| > hein?kuuta 2006 12:44):
| > > I observed this today on an RHEL4 system, and it applies to
| > > Fedora also. I don't understand why this occurs - is it a
| > > security feature?
| > 
| > It behaves as defined in the Single Unix Specification: 
| >
| > "Unless chgrp is invoked by a process with appropriate 
| > privileges, the set-user-ID and set-group-ID bits of a regular 
| > file shall be cleared upon successful completion; the 
| > set-user-ID and set-group-ID bits of other file types may be 
| > cleared."
| Thanks for the references Markku.
| In the example I gave, I created the file as root, then performed the
| chgrp as root. root was a member of both of the groups I used in the
| example. In what way was this example not "a process with appropriate
| privileges"?

Probably in the way that Linux is not totally POSIX compliant, or
possibly that it is compliant to not have such a privilege.
Cameron Simpson <cs at> DoD#743

The code was willing,
It considered your request,
But the chips were weak.
- Haiku Error Messages

More information about the users mailing list