Subj : This is why FreeBSD...
To   : Angus Mcleod
From : Jasen Betts
Date : Mon Aug 23 2004 10:44 am

Hello Angus.

14 Aug 04 05:32, you wrote to Takumi:

 AM> @TZUTC: -0400
 AM> @MSGID: 1:275/312 05833257 1150.doveunix 05833257
 AM> @TID: SBBSecho 2.10-Win32 r1.131 Apr  3 2004 MSC 1200
 AM>   Re: This is why FreeBSD...
 AM>   By: Takumi to Angus Mcleod on Sat Aug 14 2004 02:07:00

 >> If you want someone else to own a file, write it yourself, and get
 >> them to c it.

 AM> Doesn't wash.  The entire chown command is useless if you can't
 AM> actually USE it.

you can use it instead of chgrp, (to change the group of a file) so it's not 
totally useless.

 AM>   Of you're worried about setuid/setgid then make
 AM> chown non-functional for files with setuid/setgid bits set.

But then you still can fill /tmp with junk and blame someone else!

 AM>   Or to be
 AM> really strict, make it so you can only chown to your own userid (with
 AM> read perms on the other guys file(s), of course).

that'd mean you can steal someone elses file and then deny them access to it.

Jasen

--- GoldED+/LNX 1.1.4.7
 * Origin:  (3:640/1042)

.