Newsgroups: comp.unix.internals
Path: utzoo!censor!geac!gjetor!adeboer
From: adeboer@gjetor.geac.COM (Anthony DeBoer)
Subject: Re: non-superuser chown(2)s considered harmful
Message-ID: <1990Dec10.231812.23634@gjetor.geac.COM>
Organization: Geac J&E Systems Ltd.
References: <18792@rpp386.cactus.org>
Date: Mon, 10 Dec 90 23:18:12 GMT

In article <18792@rpp386.cactus.org> jfh@rpp386.cactus.org (John F Haugh II) writes:
>The context of the thread was that chown() messes up the quota mechanism,
>and is therefore evil.  

Just for my $0.02 worth, if quotas are in effect, why not have a nightly
daemon that goes through each user's directory and blows away anything he/she
doesn't own?  This should take care of out-chowning files to bypass
allocation.  The script would look something like:

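# stop here if the cd fails, so the loop never runs in the wrong directory
cd /u/users || exit 1
for USER in *
do
 # delete anything under this user's directory that the user does not own;
 # -prune keeps find from descending into a directory rm has just removed
 find "$USER" ! -user "$USER" -prune -exec rm -rf {} \;
done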

Provided that there aren't any public directories people can stash stuff into
(i.e. keep a handle on /tmp, /usr/spool/uucppublic, mail, etc., like you should
be doing anyway), this should ensure that the number of blocks of stuff the
user has equals what you see when you "du" their directory.

The only other case involved would be other users sending files ("Can you give
me a copy of XXXX?"), but if user A trusts user B (and anyone else in sight)
enough to allow them to copy files into his/her directory, it would be
reasonable to expect either user B to chown the copy of the file or for user A
to copy it (to their own ownership) immediately after.  And it would be more
reasonable for user B to make the file readable and let user A do the actual
copy anyway.
-- 
Anthony DeBoer - NAUI #Z8800                           adeboer@gjetor.geac.com 
Programmer, GEAC J&E Systems Ltd.             uunet!jtsv16!geac!gjetor!adeboer
Toronto, Ontario, Canada             #include <std.random.opinions.disclaimer>
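
Added example, not part of the original post: a report-only form of the nightly sweep described above, listing the paths under each user's directory that the directory's namesake does not own instead of deleting them. It assumes, as the post does, that each directory under the base is named after its owning account; the function names and the UNKNOWN-ACCOUNT marker are made up for this example.

```shell
#!/bin/sh
# Added example: report-only sweep. Assumes, as in the post, that each
# directory under the base (e.g. /u/users) is named after its owner.

# foreign_files DIR OWNER
# Print every path under DIR not owned by OWNER (login name or numeric uid).
# -xdev stays on one filesystem; find does not follow symlinks by default,
# so a planted link is reported itself and never traversed.
foreign_files() {
    find "$1" -xdev ! -user "$2" -print
}

# sweep_homes BASE
# Print "<owner><TAB><path>" for each foreign path under BASE/<owner>.
# A directory whose name is not a known account is flagged and skipped,
# since find refuses an unknown -user name.
# Paths containing newlines will span several output lines.
sweep_homes() {
    base=$1
    if [ ! -d "$base" ]; then
        echo "sweep_homes: no such directory: $base" >&2
        return 2
    fi
    for home in "$base"/*; do
        # only real directories; a symlinked "home" is never entered
        [ -d "$home" ] && [ ! -L "$home" ] || continue
        name=${home##*/}
        if ! id -u -- "$name" >/dev/null 2>&1; then
            printf 'UNKNOWN-ACCOUNT\t%s\n' "$home"
            continue
        fi
        foreign_files "$home" "$name" | while IFS= read -r path; do
            printf '%s\t%s\n' "$name" "$path"
        done
    done
}

# Run the sweep when a base directory is given:  sh sweep.sh /u/users
if [ "$#" -eq 1 ]; then
    sweep_homes "$1"
fi
```

Because nothing is deleted, the output can be reviewed or mailed to the administrator before any cleanup is done by hand.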
