[ale] chown operation not permitted
Jerry Z. Yu
z.yu at ptek.com
Thu Apr 25 11:24:16 EDT 2002
the easist would be set SUID on chown. (sudo is way better in this
there is probably a compile time option to govern this behavior. a
'93 post on bsd list, saying -DONLYROOT give you the standard behavior.
On Thu, 25 Apr 2002, John Wells wrote:
#While I agree that it's not the best idea, I'd just like to know if it can
#be done.
#--------- Original message --------
#From: Jerry Z. Yu <z.yu at ptek.com>
#To: John Wells <jb at sourceillustrated.com>
#CC: ale at ale.org
#Subject: RE: [ale] chown operation not permitted
#Date: 04-25-02 14:59
#> I don't think you want to disable it. consider the security
#risk: assume you can set SUID on files you own. you then chown to root or
#other powerful users. this way any user can give himeself more
#priviledges. Not mention identity confusion. Say someone download
#some porn to the server, chown to your uid, will you like it?
#you can always force group permission to allow sharing (if that's
#your goal. BTW, what do you try to achieve?), or you have to, set up sudo
#to allow specific command to be issued against certain files.
#On Thu, 25 Apr 2002, John Wells wrote:
##Just got a reply from my hosting company and he stated that in RedHat
##installs, chown is disabled by default for anyone other than root.
##So, running RedHat myself, I gave it a try. Sure enough..."operation
##Man, when was this implemented? I could swear that it wasn't like this in
##earlier (5.x - 6.x) releases.
##Anyway, does anyone know how to disable this?
##--------- Original message --------
##From: John Wells <jb at sourceillustrated.com>
##To: ale at ale.org <ale at ale.org>
##Subject: RE: [ale] chown operation not permitted
##Date: 04-25-02 12:58
##> No. lsattr shows no flags:
##$ lsattr testattr
##-------------- testattr
##Anyway, I can't chattr if I wanted to...seems I don't have permissions if I
##don't have root. Thanks for the suggestion though.
##Any other thoughts? In Solaris, I know there's a config item in one the
##system scripts that will disable chown *system-wide*. Is there anything
##like that for linux?
##Original message --------
##From: Christopher &lt;christopher at bergeron.com&gt;
##To: 'John Wells' &lt;jb at sourceillustrated.com&gt;
##Subject: RE: [ale] chown operation not permitted
##Date: 04-24-02 18:27
##&gt; Have you tried using chattr to change the attributes? It might be
##immutable file. (i flag I think).
##&amp;gt; -----Original Message-----
##&amp;gt; From: John Wells [mailto:jb at sourceillustrated.com]
##&amp;gt; Sent: Wednesday, April 24, 2002 10:15 AM
##&amp;gt; To: John C; John Wells; ale at ale.org
##&amp;gt; Subject: RE: [ale] chown operation not permitted
##&amp;gt; It's through a shell using ssh
##&amp;gt; --------- Original message --------
##&amp;gt; From: John C &amp;lt;jcouncilman at knology.net&amp;gt;
##&amp;gt; To: John Wells
#&amp;lt;jb at sourceillustrated.com&amp;gt;,
##ale at ale.org
##&amp;lt;ale at ale.org&amp;gt;
##&amp;gt; Subject: RE: [ale] chown operation not permitted
##&amp;gt; Date: 04-24-02 18:04
##&amp;gt; &amp;gt; Is this on FTP or through shell access?
##&amp;gt; -----Original Message-----
##&amp;gt; From: John Wells [mailto:jb at sourceillustrated.com]
##&amp;gt; Sent: Wednesday, April 24, 2002 6:25 AM
##&amp;gt; To: ale at ale.org
##&amp;gt; Subject: [ale] chown operation not permitted
##&amp;gt; I'm trying to change ownership of a file on my ISP's box. I
##&amp;gt; but when I attempt to change it I get an
##&amp;gt; permitted&amp;amp;quot;
##&amp;gt; error.
##&amp;gt; I remember in the past being able to disable non-root chowns
##&amp;gt; and
##&amp;gt; I'm betting there's a way to set this under Linux. For the
#life of
##me, I
##&amp;gt; can't remember how.
##&amp;gt; Can anyone point me in the right direction for info about
##&amp;gt; Thanks,
##&amp;gt; John
##&amp;gt; ---
##&amp;gt; This message has been sent through the ALE general discussion
##&amp;gt; See http://www.ale.org/mailing-lists.shtml for more info.
##&amp;gt; be
##&amp;gt; sent to listmaster at ale dot org.
##&amp;gt; ---
##&amp;gt; This message has been sent through the ALE general discussion
##&amp;gt; See http://www.ale.org/mailing-lists.shtml for more info.
##&amp;gt; be
##&amp;gt; sent to listmaster at ale dot org.
##This message has been sent through the ALE general discussion list.
##See http://www.ale.org/mailing-lists.shtml for more info. Problems should
##sent to listmaster at ale dot org.
##This message has been sent through the ALE general discussion list.
##See http://www.ale.org/mailing-lists.shtml for more info. Problems should
##sent to listmaster at ale dot org.
#Jerry Z. Yu +1-404-262-8544 (O)
#systems engineer z.yu at voicecom.com
#is support, voicecom, llc www.voicecom.com
#This message has been sent through the ALE general discussion list.
#See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
#sent to listmaster at ale dot org.
Jerry Z. Yu +1-404-262-8544 (O)
systems engineer z.yu at voicecom.com
is support, voicecom, llc www.voicecom.com
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list