From: Jim Meyering Date: Sat, 12 Jul 2003 08:37:36 +0000 (+0000) Subject: (change_file_owner): Do not restore any special X-Git-Tag: v5.0.1~72 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e34468f61f043b0a8bef0064054f9b27a969015;p=thirdparty%2Fcoreutils.git (change_file_owner): Do not restore any special permission bits (e.g., set-user-ID, set-group-ID) that are reset by chown(2) on some systems. Suggestion and insistence :-) from Michael Stone. --- diff --git a/src/chown-core.c b/src/chown-core.c index a46dd7ef77..57b91a95ea 100644 --- a/src/chown-core.c +++ b/src/chown-core.c @@ -332,23 +332,12 @@ change_file_owner (int cmdline_arg, const char *file, uid_t uid, gid_t gid, } else { - /* The change succeeded. On some systems, the chown function - resets the `special' permission bits. When run by a - `privileged' user, this program must ensure that at least - the set-uid and set-group ones are still set. */ - if (file_stats.st_mode & ~(S_IFMT | S_IRWXUGO) - /* If we called lchown above (which means this is a symlink), - then skip it. */ - && ! called_lchown) - { - if (chmod (file, file_stats.st_mode)) - { - error (0, saved_errno, - _("unable to restore permissions of %s"), - quote (file)); - fail = 1; - } - } + /* The change succeeded. On some systems (e.g., Linux-2.4.x), + the chown function resets the `special' permission bits. + Do *not* restore those bits; doing so would open a window in + which a malicious user, M, could subvert a chown command run + by some other user and operating on files in a directory + where M has write access. */ } } else if (chopt->verbosity == V_high)