Charles Curley wrote:
> On Fri, May 19, 2000 at 07:53:02AM -0400, Brian T. Schellenberger wrote:
> ->
> -> Fascinating.
> ->
> -> The behavior about which you are complaining is not compliant with
> -> normal Unix behavior, but I've verified it: A normal user can't chown a
> -> file, even if he initially owns it and is attempting to give it away.
> ->
> -> My recollection of normal Unix behavior--and I've definately verified it
> -> for HP/UX, so I know I'm not just dreaming--is that you can give a file
> -> away but you can't take one.
> ->
> -> The behavior of Mandrake 7.0's chown is clearly wrong; does anybody know
> -> why it happens?
>
> Hi, Brian.
>
> I just checked on Red Hat 5.2, and found the same.
>
> Perhaps this has to do with the way Red Hat and Mandrake set up users:
> each in their own group. User ccurley is a member of the group
> ccurley. Only if the admin adds a user to more general groups does he
> become a member of one. HP-UX, by default, makes all users members of the
> group users, if I recall correctly.
>
> Red Hat calls this scheme "user private groups" (UPG), and claims it makes
> things more secure.
>
> Would you please check on HP-UX to see if user A can transfer a file to
> another user, B, who is not a member of any group of which A is a member?
>
> Thanks
>
> --
>
> -- C^2
>
> No windows were crashed in the making of this email.
>
> Looking for fine software and/or web pages?
> http://w3.trib.com/~ccurley
I would say the UPG scheme is a tad more secure... <g>
As root I have had chgrp instructions rejected because I wasn't a member of
the group!. Had to make root part of the group just to chgrp a /hume/username
directory recursively.
Civileme
--
BETA-testing Netscape 6
and its mailer
