non-superuser chown(2)s considered harmful
Dan Bernstein
brnstnd at kramden.acf.nyu.edu
Fri Dec 7 22:12:57 AEST 1990
In article <109958 at convex.convex.com> tchrist at convex.COM (Tom Christiansen) writes:
> I consider non-superuser chown(2)s harmful. They screw up anyone who's
> trying to do post-facto disk accounting or pre-emptive disk quotas.
There is, however, one case where non-superuser chown()s would greatly
help security. Setuid programs should to be able to switch files between
the real and effective uids. Because this feature isn't available, many
secure programs have to run as root rather than their own uids.
---Dan
More information about the Comp.unix.internals
mailing list