notes@zeppo.UUCP (10/17/83)
#N:zeppo:13300001:000:325
zeppo!ber Jul 22 00:01:00 1982

One of the hassles in converting users and programs among various versions of UNIX is the seemingly trivial difference concerning the ability of mortals to chown their files. v7 and 4.1bsd don't allow it. UNIX 4.0 does. What's your opinion? We'd like to know. Please send mail, not netnews.

Thank you,
brian redman
preece@uicsl.UUCP (10/21/83)
#R:zeppo:13300001:uicsl:12500015:000:371
uicsl!preece Oct 20 13:34:00 1983

[I tried to send mail, but it didn't go through.]

We would like to be able to change the ownership of files so that an individual attached to more than one group can move files from one group to another as necessary. Actually, what we'd like is some further elaboration of the accounting structure, but that's another story...

scott preece
pur-ee!uiucdcs!uicsl!preece
laura@utcsstat.UUCP (Laura Creighton) (10/23/83)
The article I followed up was a followup to an article that is one of those annoying duplicates. What I want to let people know is that *a lot* of people (including myself) have written programs that depend on the-owner-of-any-file-that-is-created-by-the-person-running-the-program is-the-person-running-the-program. Sorry folks, but it never occurred to me that someone was going to change THAT. I expect to see a lot of broken local software as this 'feature' percolates through the unix community. In particular, everybody go back and check and see if your secure-as-Fort-Knox database manipulating programs are still secure. Mine aren't...

Laura Creighton
utzoo!utcsstat!laura
guy@rlgvax.UUCP (Guy Harris) (10/25/83)
If you are referring to things like "at", where the user on whose behalf the batch script is run is assumed to be the user that owns the file, there is a simple fix. There already exists in UNIX a facility where a user can get the privileges of the owner of a file by using that file; the set-UID facility. The USG systems that allow you to give a file away (and, unless you're the super-user, that's *all* they allow you to do with the file's ownership) solve this by turning off the set-UID bit on a file if you give it away to another and turning off the set-GID bit if you change the group (again, unless you are the super-user).

For any file where you use the owner UID to grant permissions, simply require that file to have its set-UID bit on. Then, if anybody tries to give the file away to somebody in order to get that person's permissions, the kernel will force the set-UID bit off and your program will refuse to let the guy in.

In our environment it's rare that you'd want to give a file away (we use our machine for program development, mostly) but somebody working at one of our sales offices (OZ, if you know him) points out that in an office system (which is what we sell on our UNIX boxes) you might create a memo for somebody else and then want to turn ownership of that memo over to them, so in a lot of cases it may be very useful to be able to give files away.

Guy Harris
{seismo,mcnc,brl-bmd,allegra}!rlgvax!guy
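
The check described in the post above, as an added example that is not part of the original thread: a program that grants permissions by file owner accepts the owner only when the file still has its set-UID bit on. The names trusted_owner_fd and demo_giveaway_check are hypothetical, and the demo clears the bit itself as a stand-in for the kernel doing so when a file is given away.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 0 and stores the owner in *owner only if fd refers to a regular
 * file whose set-UID bit is on; returns -1 otherwise. Using fstat() on the
 * descriptor the program will go on to read means the check and the later
 * use apply to the same file. */
int trusted_owner_fd(int fd, uid_t *owner)
{
    struct stat st;

    if (fstat(fd, &st) != 0)
        return -1;
    if (!S_ISREG(st.st_mode))
        return -1;
    if (!(st.st_mode & S_ISUID))   /* bit off: file may have been given away */
        return -1;
    *owner = st.st_uid;
    return 0;
}

/* Constructed demonstration on a temporary file. Returns 1 when the owner
 * is accepted with set-UID on and refused once the bit is off. */
int demo_giveaway_check(void)
{
    char path[] = "/tmp/jobXXXXXX";   /* constructed sample file */
    uid_t who = (uid_t)-1;
    int fd = mkstemp(path);
    int ok;

    if (fd < 0)
        return 0;
    /* The creator marks the job file: set-UID plus owner read/write. */
    ok = fchmod(fd, S_ISUID | S_IRUSR | S_IWUSR) == 0
      && trusted_owner_fd(fd, &who) == 0 && who == geteuid();
    /* Stand-in for the kernel forcing set-UID off on a give-away. */
    ok = ok && fchmod(fd, S_IRUSR | S_IWUSR) == 0
            && trusted_owner_fd(fd, &who) == -1;
    close(fd);
    unlink(path);
    return ok;
}

int main(void)
{
    puts(demo_giveaway_check() ? "owner accepted only with set-UID on"
                               : "unexpected result");
    return 0;
}
```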