From b5125cf5f0752bd25a3aed4026a154af4ab4810c Mon Sep 17 00:00:00 2001
From: Jim Meyering <jim@meyering.net>
Date: Sat, 12 Jul 2003 11:31:55 +0000
Subject: [PATCH] *** empty log message ***

---
 NEWS | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/NEWS b/NEWS
index 4f5b01bc37..588da78db3 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,16 @@ GNU coreutils NEWS                                    -*- outline -*-
 - new program: `[' (much like `test')
 
 ** New features
+- chown no longer tries to preserve set-user-ID and set-group-ID bits;
+  on some systems, the chown syscall resets those bits, and previous
+  versions of the chown command would call chmod to restore the original,
+  pre-chown(2) settings, but that behavior is problematic.
+  1) There was a window whereby a malicious user, M, could subvert a
+  chown command run by some other user and operating on files in a
+  directory where M has write access.
+  2) Before (and even now, on systems with chown(2) that doesn't reset
+  those bits), an unwary admin. could use chown unwittingly to create e.g.,
+  a set-user-ID root copy of /bin/sh.
 - head now accepts --lines=-N (--bytes=-N) to print all but the
   N lines (bytes) at the end of the file
 - md5sum --check now accepts the output of the BSD md5sum program, e.g.,
-- 
2.47.2