Posted by Toby A Inkster on 12/05/07 11:32

Jerry Stuckle wrote:

> If your system is set up properly, inly the owner or root can chown() a
> file.

Actually, unless you've set your system up unusually, only root can.

Technically, the owner of the file *can* chown it, but they can't assign
ownership to any other user -- they can only chown it to themself, which
is rather pointless.

In short, unless you're root, you can't use chown to assign ownership to
someone else.

This is for very valid security reasons. You could, for instance, write
and compile a C program which did the equivalent of "rm -fr /", give it
permissions 4755 (executable and readable, with setuid bit), chown it to
root and then run it, wiping out the entire system.

--
Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 10 days, 18:14.]

Sharing Music with Apple iTunes
http://tobyinkster.co.uk/blog/2007/11/28/itunes-sharing/

• Next in forum: Re: Regexp to force line break/word wrap in long words
• Prev in forum: Re: PHP site update - 02-12-2007
• Thread view: Re: Can't chown() "my" files...

[Reply to this message]