[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: TAKE - Restrict chown
1.0.2 should not have this problem.
It only existed in CVS from Fri Feb 15 16:39:51 2002 UTC until now.
-Eric
On Mon, 18 Feb 2002, Mihai RUSU wrote:
> Hi
>
> I tested changing the owner of a file with a 2.4.9-13XFS_SGI_1.0.2 and it
> seems I dont have the permissions to do it (the right linux answer). Now
> does this problem affect Release 1.0.2 too (maybe I havent tested it the
> right way) ? If so it would be nice to have a patch against those kernels
> or just point me to the lines where you did the change :)
>
> Thanks
>
> On Mon, 18 Feb 2002, Eric Sandeen wrote:
>
> > We removed xfs's call to inode_change_ok, but then we missed Linux's
> > check for chown capability, relying on XFS. XFS was configured
> > to allow unrestricted chown, which is not the way Linux behaves...
> >
> > In short, don't allow non-super-users to give away files with
> > chown().
> >
> >
> > Date: Mon Feb 18 10:37:23 PST 2002
> > Workarea: stout.americas.sgi.com:/localhome/eric/2.4.x-xfs/workarea-reallyclean
> >
> > The following file(s) were checked into:
> > bonnie.engr.sgi.com:/isms/slinx/2.4.x-xfs
> >
> >
> > Modid: 2.4.x-xfs:slinx:111992a
> > linux/fs/xfs/linux/xfs_globals.c - 1.25
> > - Don't let non-super-user give away files by default
> >
> >
> >
>
> ----------------------------
> Mihai RUSU
> "... and what if this is as good as it gets ?"
>