Re: Unrestrict chown?
On Tue, Dec 09, 2008 at 09:29:14PM -0500, Celejar wrote:
> > chown root some bad file
>
> Harmless unless root chooses to run it (in which case it would be a
> problem regardless of which user he chown's it to),

If it is executable and setuid then root didn't have to choose to run it.

-- 
Tzafrir Cohen         | [EMAIL PROTECTED] | VIM is
http://tzafrir.org.il |                   | a Mutt's
[EMAIL PROTECTED]     |                   | best
ICQ# 16849754         |                   | friend

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe".
Trouble? Contact [EMAIL PROTECTED]
Re: Unrestrict chown?
On Tue, Dec 09, 2008 at 10:40:22PM +0100, Christopher Zimmermann wrote:
> On my Debian box using the Linux kernel it's not possible to give away files:
>
>   [EMAIL PROTECTED]:~% touch foo
>   [EMAIL PROTECTED]:~% chown otheruser foo
>   chown: changing ownership of `foo': Operation not permitted
>
> Only root can change file owners. Is it possible to configure this
> behaviour and allow all users to chown their own files? I read this was
> possible on Solaris and several other unices and wonder if it is
> possible with Linux.

Why not just email the file?

Doug.
Re: Unrestrict chown?
On Tue, 2008-12-09 at 22:40 +0100, Christopher Zimmermann wrote:
> Hi!
>
> On my Debian box using the Linux kernel it's not possible to give away files:
>
>   [EMAIL PROTECTED]:~% touch foo
>   [EMAIL PROTECTED]:~% chown otheruser foo
>   chown: changing ownership of `foo': Operation not permitted
>
> Only root can change file owners. Is it possible to configure this
> behaviour and allow all users to chown their own files?

If the users need to share the file, they have something in common! So,

- put the users together in a group (adduser user group)
- chgroup the file (chgrp group file)
- give the document rw permissions (chmod +permissions file)

Best,
Rob
Re: Unrestrict chown?
On Wed, 10 Dec 2008 08:46:49 +
Tzafrir Cohen [EMAIL PROTECTED] wrote:

> On Tue, Dec 09, 2008 at 09:29:14PM -0500, Celejar wrote:
> > > chown root some bad file
> >
> > Harmless unless root chooses to run it (in which case it would be a
> > problem regardless of which user he chown's it to),
>
> If it is executable and setuid then root didn't have to choose to run it.

My original email explicitly assumed that we don't allow this for setuid
files:

> > assuming we don't allow this to occur with suid executables, of course

Celejar
-- 
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Unrestrict chown?
Hi!

On my Debian box using the Linux kernel it's not possible to give away files:

  [EMAIL PROTECTED]:~% touch foo
  [EMAIL PROTECTED]:~% chown otheruser foo
  chown: changing ownership of `foo': Operation not permitted

Only root can change file owners. Is it possible to configure this
behaviour and allow all users to chown their own files? I read this was
possible on Solaris and several other unices and wonder if it is possible
with Linux.

Christopher
Re: Unrestrict chown?
On 2008-12-09 22:40 +0100, Christopher Zimmermann wrote:
> On my Debian box using the Linux kernel it's not possible to give away files:
>
>   [EMAIL PROTECTED]:~% touch foo
>   [EMAIL PROTECTED]:~% chown otheruser foo
>   chown: changing ownership of `foo': Operation not permitted
>
> Only root can change file owners. Is it possible to configure this
> behaviour and allow all users to chown their own files?

No.

> I read this was possible on Solaris and several other unices and wonder
> if it is possible with Linux.

This is deliberately not possible.

Sven
Re: Unrestrict chown?
That would be a terrible thing to happen, that anyone could appropriate
your files to themselves. The other user could copy your file if you set
it through chmod properly, and therefore the problem would be solved.

--- On Tue, 12/9/08, Christopher Zimmermann [EMAIL PROTECTED] wrote:

> From: Christopher Zimmermann [EMAIL PROTECTED]
> Subject: Unrestrict chown?
> To: debian-user@lists.debian.org
> Date: Tuesday, December 9, 2008, 4:40 PM
>
> Hi!
>
> On my Debian box using the Linux kernel it's not possible to give away files:
>
>   [EMAIL PROTECTED]:~% touch foo
>   [EMAIL PROTECTED]:~% chown otheruser foo
>   chown: changing ownership of `foo': Operation not permitted
>
> Only root can change file owners. Is it possible to configure this
> behaviour and allow all users to chown their own files? I read this was
> possible on Solaris and several other unices and wonder if it is
> possible with Linux.
>
> Christopher
Re: Unrestrict chown?
On Tue, 9 Dec 2008 13:53:47 -0800 (PST)
Arc Roca [EMAIL PROTECTED] wrote:

> That would be a terrible thing to happen, that anyone could appropriate
> your files to themselves.

I've been wondering about this; what would be the problem with the OS
allowing user1 to chown his files to user2, assuming we don't allow this
to occur with suid executables, of course.

Celejar
-- 
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Re: Unrestrict chown?
On 2008-12-09 22:56 +0100, Celejar wrote:
> On Tue, 9 Dec 2008 13:53:47 -0800 (PST)
> Arc Roca [EMAIL PROTECTED] wrote:
>
> > That would be a terrible thing to happen, that anyone could appropriate
> > your files to themselves.
>
> I've been wondering about this; what would be the problem with the OS
> allowing user1 to chown his files to user2, assuming we don't allow this
> to occur with suid executables, of course.

It would be a DoS against user2 if disk quotas are used.

Sven
Re: Unrestrict chown?
Christopher Zimmermann [EMAIL PROTECTED] writes:

> Hi!
>
> On my Debian box using the Linux kernel it's not possible to give away files:
>
>   [EMAIL PROTECTED]:~% touch foo
>   [EMAIL PROTECTED]:~% chown otheruser foo
>   chown: changing ownership of `foo': Operation not permitted
>
> Only root can change file owners. Is it possible to configure this
> behaviour and allow all users to chown their own files? I read this was
> possible on Solaris and several other unices and wonder if it is
> possible with Linux.

As others have mentioned, normally this is a bad idea. But if you have a
specialized need for it, you can write a small program to open the file,
check the owner with fstat, then change the owner with fchown. If you
install this program setuid it will let you give this capability to your
users. If you just need this for a particular application, it could check
if the files match some other criteria, like being in the right directory.

If you used this approach, you would need to take great care in writing
the program so it doesn't allow users to give away others' files.

-Scott.
Re: Unrestrict chown?
On Tue, 09 Dec 2008 23:03:38 +0100
Sven Joachim [EMAIL PROTECTED] wrote:

> On 2008-12-09 22:56 +0100, Celejar wrote:
> > On Tue, 9 Dec 2008 13:53:47 -0800 (PST)
> > Arc Roca [EMAIL PROTECTED] wrote:
> >
> > > That would be a terrible thing to happen, that anyone could appropriate
> > > your files to themselves.
> >
> > I've been wondering about this; what would be the problem with the OS
> > allowing user1 to chown his files to user2, assuming we don't allow this
> > to occur with suid executables, of course.
>
> It would be a DoS against user2 if disk quotas are used.

Good point. I suppose that danger will also exist if user2 has any file
at all that is world writable. Running 'find ~ -perm /o+w -type f' seems
to indicate that I don't have any, so I guess I'm safe ...

Celejar
-- 
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Re: Unrestrict chown?
On Tuesday 2008 December 09 16:21:54 Scott Gifford wrote:
> Christopher Zimmermann [EMAIL PROTECTED] writes:
> > Hi!
> >
> > On my Debian box using the Linux kernel it's not possible to give away
> > files, only root can change file owners. Is it possible to configure
> > this behaviour and allow all users to chown their own files?
>
> As others have mentioned, normally this is a bad idea. But if you have a
> specialized need for it, you can write a small program to open the file,
> check the owner with fstat, then change the owner with fchown. If you
> install this program setuid it will let you give this capability to your
> users.
>
> If you used this approach, you would need to take great care in writing
> the program so it doesn't allow users to give away others' files.

While your technique is effective, it might be better to modify the
existing chmod source. Otherwise you lose (or have to re-implement) all
the nice features like -R. Do it right (including handling the case where
chown isn't suid, as well as various security issues) and you might be
able to get upstream to accept it, as an option (e.g.
./configure --with-restricted-chown-override-when-suid-root).

-- 
Boyd Stephen Smith Jr.                     ,= ,-_-. =.
[EMAIL PROTECTED]                          ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy           `-'(. .)`-'
http://iguanasuicide.org/                      \_/
Re: Unrestrict chown?
On Tue, 09 Dec 2008 23:03:38 +0100
Sven Joachim [EMAIL PROTECTED] wrote:

> On 2008-12-09 22:56 +0100, Celejar wrote:
> > On Tue, 9 Dec 2008 13:53:47 -0800 (PST)
> > Arc Roca [EMAIL PROTECTED] wrote:
> >
> > > That would be a terrible thing to happen, that anyone could appropriate
> > > your files to themselves.
> >
> > I've been wondering about this; what would be the problem with the OS
> > allowing user1 to chown his files to user2, assuming we don't allow this
> > to occur with suid executables, of course.
>
> It would be a DoS against user2 if disk quotas are used.

Before disk quotas were introduced in BSD it was possible for a user to
give away his files. A chown was possible if the UID of user and file
matched, but setuid and setgid were cleared on the file.

I read something about capabilities(7). CAP_CHMOD looks like a solution.
But I don't manage to change the capabilities on my files:

  [EMAIL PROTECTED]:~% sudo getpcaps $$
  Capabilities for `25117': =eip cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap-eip
  [EMAIL PROTECTED]:~% sudo setcap 'cap_chown=eip' foo
  Failed to set capabilities on file `foo' (Operation not permitted)

Do I need special filesystem support for this to work? Or what's the matter?

Christopher
Re: Unrestrict chown?
Sven Joachim [EMAIL PROTECTED] writes:

> On 2008-12-09 22:56 +0100, Celejar wrote:
> > On Tue, 9 Dec 2008 13:53:47 -0800 (PST)
> > Arc Roca [EMAIL PROTECTED] wrote:
> >
> > > That would be a terrible thing to happen, that anyone could appropriate
> > > your files to themselves.
> >
> > I've been wondering about this; what would be the problem with the OS
> > allowing user1 to chown his files to user2, assuming we don't allow this
> > to occur with suid executables, of course.
>
> It would be a DoS against user2 if disk quotas are used.

It would also make it impossible to identify which user had created a
file, which could be important if a file is a malicious program or just
very large.

-Scott.
Re: Unrestrict chown?
On Tue, Dec 09, 2008 at 04:56:53PM -0500, Celejar wrote:
> On Tue, 9 Dec 2008 13:53:47 -0800 (PST)
> Arc Roca [EMAIL PROTECTED] wrote:
>
> > That would be a terrible thing to happen, that anyone could appropriate
> > your files to themselves.
>
> I've been wondering about this; what would be the problem with the OS
> allowing user1 to chown his files to user2, assuming we don't allow this
> to occur with suid executables, of course.

umm

chown root some bad file

you could always use sudo with commands limited to chown user2 but

-- 
"We're still being challenged in Iraq and the reason why is a free Iraq
will be a major defeat in the cause of freedom."
	- George W. Bush
04/05/2004
Charlotte, NC
Re: Unrestrict chown?
On Wed, 10 Dec 2008 12:20:33 +1100
Alex Samad [EMAIL PROTECTED] wrote:

> On Tue, Dec 09, 2008 at 04:56:53PM -0500, Celejar wrote:
> > On Tue, 9 Dec 2008 13:53:47 -0800 (PST)
> > Arc Roca [EMAIL PROTECTED] wrote:
> >
> > > That would be a terrible thing to happen, that anyone could appropriate
> > > your files to themselves.
> >
> > I've been wondering about this; what would be the problem with the OS
> > allowing user1 to chown his files to user2, assuming we don't allow this
> > to occur with suid executables, of course.
>
> umm
>
> chown root some bad file

Harmless unless root chooses to run it (in which case it would be a
problem regardless of which user he chown's it to), but I agree that it's
a problem waiting to happen.

Celejar
-- 
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator