Posted by The Natural Philosopher on 12/05/07 12:27
Jerry Stuckle wrote:
> Toby A Inkster wrote:
>> Jerry Stuckle wrote:
>>
>>> If your system is set up properly, only the owner or root can chown() a
>>> file.
>>
>> Actually, unless you've set your system up unusually, only root can.
>>
>> Technically, the owner of the file *can* chown it, but they can't
>> assign ownership to any other user -- they can only chown it to
>> themself, which is rather pointless.
>>
>> In short, unless you're root, you can't use chown to assign ownership
>> to someone else.
>> This is for very valid security reasons. You could, for instance,
>> write and compile a C program which did the equivalent of "rm -fr /",
>> give it permissions 4755 (executable and readable, with setuid bit),
>> chown it to root and then run it, wiping out the entire system.
>>
>
> Nope, I can do it just fine on my system. But your idea of rm -fr won't
> work - the script will execute under the user's permissions. You would
> have to change the su bit on the shell's executable - and only root can
> do that.
>
> Even chown'ing it to root will not make any difference as far as the
> script goes. Ownership of the script does not affect permissions of the
> user running the script.
>
unless it has su rights assigned to it.
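
An added example, not part of the thread: a Python audit that lists setuid regular files under a directory and separates `#!` scripts from native binaries, the two cases discussed in the posts above. It assumes Linux, where the kernel ignores the setuid bit on interpreted scripts, and a filesystem not mounted `nosuid`; the function names and sample files are constructed for illustration.

```python
import os
import stat
import tempfile

def classify_setuid(path):
    """Describe a setuid regular file, or return None if path is not one."""
    st = os.lstat(path)  # lstat: never follow a symlink to another file
    if not stat.S_ISREG(st.st_mode) or not st.st_mode & stat.S_ISUID:
        return None
    with open(path, "rb") as fh:
        is_script = fh.read(2) == b"#!"
    return {
        "path": path,
        "owner_uid": st.st_uid,
        "mode": oct(stat.S_IMODE(st.st_mode)),
        "kind": "script" if is_script else "binary",
        # Assumption: Linux. The kernel drops setuid for #! scripts, so only
        # a native binary actually runs with the file owner's effective uid.
        "runs_as_owner": not is_script,
        "writable_by_others": bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)),
    }

def audit_tree(root):
    """Walk root and return findings for every setuid file, sorted by path."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            info = classify_setuid(os.path.join(dirpath, name))
            if info:
                findings.append(info)
    return sorted(findings, key=lambda f: f["path"])

def build_sample(root):
    samples = {  # constructed sample files with harmless contents
        "tool.sh": (b"#!/bin/sh\necho hi\n", 0o4755),
        "tool.bin": (b"\x7fELF" + b"\0" * 12, 0o4755),
        "plain.sh": (b"#!/bin/sh\necho hi\n", 0o755),
    }
    for name, (data, mode) in samples.items():
        path = os.path.join(root, name)
        with open(path, "wb") as fh:
            fh.write(data)
        os.chmod(path, mode)  # the owner may set setuid on their own file

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for finding in audit_tree(tmp):
            print(finding)
```

On a real host, point `audit_tree` at a directory such as a home or upload area and review every finding whose `owner_uid` is 0 or whose `writable_by_others` is true.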