Re: odd chown difference between 2.0 and 2.1pre kernels

Shawn K. Quinn (skquinn@southernaccess.net)
Wed, 13 Jan 1999 18:17:20 -0600 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: tz@execpc.com: "2.2.0 IDE failure on Alpha Multia (UDB)"
Previous message: Christian Groessler: "pre6: fix for hd.c"
In reply to: Soeren Todt: "who beats you to release 2.2.0 so early?"

On Sun, 10 Jan 1999, Brandon S. Allbery KF8NH wrote:

| GAK!!! Security flaw here, methinks. chown should unconditionally clear
| setuid and setgid.

While in a way I can somewhat see your reasoning, I disagree. If you're
running chown on a file yet not really changing the owner or group (from
root to root again as in this case) I see no problem with leaving
setuid/setgid as they are. Unless, of course, I'm missing something.

-- Shawn K. Quinn - skquinn@southernaccess.net Posting from a fake address is letting the spammers win

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: tz@execpc.com: "2.2.0 IDE failure on Alpha Multia (UDB)"
Previous message: Christian Groessler: "pre6: fix for hd.c"
In reply to: Soeren Todt: "who beats you to release 2.2.0 so early?"