non-superuser chown(2)s considered harmful
Sean Eric Fagan
sef at kithrup.COM
Tue Dec 11 21:15:10 AEST 1990
In article <660602312.10476 at mindcraft.com> karish at mindcraft.com (Chuck Karish) writes:
>That's why FIPS 151-1 mandates that the POSIX.1 _POSIX_CHOWN_RESTRICTED
>option be supported.
Believe it or not, this is one feature of SCO's C2 stuff that I like. It's
possible to set things up such that any specific user can use chown(), or
only root, or all, or any combination in betwen. It's very nice, in a way.
(I can just see them extending it: a fork() priv. bit, an exec() priv. bit,
a stat() priv. bit, etc... 8-))
If I had more users on kithrup, I would probably set that up (depending on
the users; for a generic, dial-up thing, yeah; if it were just friends of
mine, then, no, I guess not).
--
Sean Eric Fagan | "I made the universe, but please don't blame me for it;
sef at kithrup.COM | I had a bellyache at the time."
-----------------+ -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.
More information about the Comp.unix.internals
mailing list