On 07/06/03 17:26, Karol Lewandowski wrote:
Vanilla Linux 2.4.21 form kernel.org + xfs snapshot:
dmesg: SGI XFS snapshot-2.4.21-2003-06-23_01:45_UTC with no debug enabled
Any user can chown his own files to any uid or gid.
Unprivileged user (say karol) can do this successufly:
karol@greenplant:/tmp/test$ id
uid=1023(karol) gid=127(plant)
groups=127(plant),4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),101(dri)
karol@greenplant:/tmp/test$ touch newfile
karol@greenplant:/tmp/test$ ls -l
total 0
-rw------- 1 karol plant 0 Jul 7 02:02 newfile
karol@greenplant:/tmp/test$ chown root:root newfile
karol@greenplant:/tmp/test$ ls -l
total 0
-rw------- 1 root root 0 Jul 7 02:02 newfile
karol@greenplant:/tmp/test$
Patch for Linux 2.4.20 doesn't seem to have this problem, so i tried to
locate
this issue... I think the problem is in <linuxroot>/fs/xfs/xfs_vnodeops.c
Unhopefuly I weren't able to fix it, I'm not kernel hacker (Yet :)
eeeek. i just verified this on my boxes running 2.4.21-xfs. scary.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
L. Friedman netllama@xxxxxxxxxxxxx
Linux Step-by-step & TyGeMo: http://netllama.ipfox.com
5:30pm up 1 day, 2:29, 1 user, load average: 0.17, 0.18, 0.09
|