chgrp resets the setuid and getgid bits
cs at zip.com.au
Wed Jul 26 01:57:50 UTC 2006
On 25Jul2006 22:30, Ben Stringer <ben at burbong.com> wrote:
| On Tue, 2006-07-25 at 14:43 +0300, Markku Kolkka wrote:
| > Ben Stringer kirjoitti viestiss??n (l?hetysaika tiistai, 25.
| > hein?kuuta 2006 12:44):
| > > I observed this today on an RHEL4 system, and it applies to
| > > Fedora also. I don't understand why this occurs - is it a
| > > security feature?
| > It behaves as defined in the Single Unix Specification:
| > http://www.opengroup.org/onlinepubs/009695399/utilities/chgrp.html
| > "Unless chgrp is invoked by a process with appropriate
| > privileges, the set-user-ID and set-group-ID bits of a regular
| > file shall be cleared upon successful completion; the
| > set-user-ID and set-group-ID bits of other file types may be
| > cleared."
| Thanks for the references Markku.
| In the example I gave, I created the file as root, then performed the
| chgrp as root. root was a member of both of the groups I used in the
| example. In what way was this example not "a process with appropriate
Probably in the way that Linux is not totally POSIX compliant, or
possibly that it is compliant to not have such a privilege.
Cameron Simpson <cs at zip.com.au> DoD#743
The code was willing,
It considered your request,
But the chips were weak.
- Haiku Error Messages http://www.salonmagazine.com/21st/chal/1998/02/10chal2.html
More information about the users