This is a desirable security feature.

But, as mentioned, if you do
$ cp source foo
$ rm source
$ mv foo source
the user now owns source.

On Sun, 08 Jun 2003 06:12, Richard Urwin wrote:
> On Saturday 07 Jun 2003 6:45 pm, Greg Meyer wrote:
> > On Saturday 07 June 2003 01:12 pm, Kristjan wrote:
> > > Hi
> > >
> > > It must be a simple thing but still
> > >
> > > How can I make it so that users can
> > > change the ownership of files that reside in their own home
> > > directory and that are not owned by them
> > >
> > > Currently a user who issues the 'chown' command on a file that is not
> > > owned by him only gets that the operation is not permitted
> >
> > You're right, interesting.  I know that a user cannot create a file in a
> > user directory other than their own unless you have some group thing set
> > up.
> >
> > [EMAIL PROTECTED] /home/greg]
> > $ touch testfile
> > touch: cannot touch `testfile': Permission denied
> >
> >
> > I also know that a user can manipulate a file in their own home directory
> > even without ownership.  In other words, if a file owned by root exists
> > in my home, I can delete it.
> >
> > [EMAIL PROTECTED] ~] $ ls -l testfile
> > -rw-r--r--    1 root     root            0 Jun  7 13:42 testfile
> >
> > [EMAIL PROTECTED] ~] $ rm testfile
> > rm: remove write-protected regular empty file `testfile'? y
> >
> > [EMAIL PROTECTED] ~] $ ls testfile
> > ls: testfile: No such file or directory
> >
> > Anybody know the answer to this?
>
> Generally, you only need write access to the directory for any changes that
> are stored in the directory tables. So you can rename and delete files that
> you cannot write to. There was a workaround that you could do in 1980s
> Unices in that /etc was owned by "Engineer", so if you lost the root
> password you could just mv the entire passwd file and create a new one.
> (Oops!)
>
> Since the owner and group are stored in the same tables I would expect that
> changing them would be possible.
>
> From playing around here it would seem that you cannot chgrp to or from a
> group that you are not in. By extension it would seem that chown works the
> same way.
>
> Strangely enough the documentation for chown makes no mention of this
> behavior.

-- 
Michael
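
The cp/rm/mv sequence from the message above, as an added sandbox example that is not part of the original thread. It shows that the name ends up pointing at a new inode (created by, and therefore owned by, whoever ran cp), and that removing write permission on the directory blocks the sequence. The temporary directory, the `replace_by_copy` helper and the mode-444 stand-in file are constructed for illustration.

```shell
#!/bin/sh
# Added example: runs in a throwaway directory, no root needed.

inode_of() { ls -i "$1" | awk '{print $1}'; }

# Run the cp/rm/mv sequence from the message in directory $1 on file $2.
# Prints "changed" when the name now refers to a different inode,
# "blocked" when directory permissions stopped the sequence.
replace_by_copy() {
    dir=$1 name=$2
    before=$(inode_of "$dir/$name")
    if cp "$dir/$name" "$dir/foo" 2>/dev/null &&
       rm -f "$dir/$name" 2>/dev/null &&
       mv "$dir/foo" "$dir/$name" 2>/dev/null
    then
        after=$(inode_of "$dir/$name")
        [ "$before" != "$after" ] && echo changed || echo same
    else
        echo blocked
    fi
}

demo() {
    box=$(mktemp -d) || return 1
    printf 'data\n' > "$box/source"
    # Stand-in for a file the user cannot write to (constructed sample).
    chmod 444 "$box/source"
    # Directory is writable: the file's own mode does not protect the name.
    echo "writable dir:  $(replace_by_copy "$box" source)"
    # Directory not writable: no entries can be added or removed.
    # (root bypasses this check, so run the demo as an ordinary user.)
    chmod a-w "$box"
    echo "read-only dir: $(replace_by_copy "$box" source)"
    chmod u+w "$box"
    rm -rf "$box"
}
demo
```

The sticky bit does not change this in a user's own home directory, because the directory's owner may still remove or rename entries there.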
