On Mon, 22 Mar 2004, Gerald S. Stoller wrote:

>  This gives the system owner the flexibility to leave
> it this way, or to restrict this ability to  root  as it is now by
> seting  chown's  permissions to  500 , it is already owned by  root.

The "chown" command merely uses the "chown" system call. It is perfectly
possible for a user to write and compile their own version of the chown
command; so setting permissions on a particular executable do not, in
and of themselves, prevent users from effectively duplicating the effect
of the command. This is broadly true across all unixalikes.

>       This is all that a single actual user (as most home systems are)
> system needs, but for a true multi-user system one may want to restrict
> the change to cases where the new owner and the current owner are members
> of one group (and the system administrater should be careful about adding
> users to the group  wheel ).  If the system has some groups that contain
> all users, we may want to allow them to be excluded from consideration,
> though we shouldn't worry about this now.
>       I would like to push for such a change and wish others would
> join me; if anyone knows of any possible problems from this change, or
> has any objections to it, please let me know.

This seems overly complicated. The reasons chown is generally limited
are security-motivated: for example, one can subvert a quota system by
"giving away" files.

Rather than present your solution first, perhaps you could indicate the
use cases that motivate your suggestion. There may be other ways to
achieve the goals you have.

jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/
"...perl has been dead for more than 4 years." - Abigail in the Monastery
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to