[EMAIL PROTECTED] wrote:
<<On Mon, 20 Oct 2008 09:51:15 -0400, Michael Meffie <[EMAIL PROTECTED]> said:
I have been looking at Derrick's patch from last spring
to implement POSIX style chown, with the hope it can be
included in OpenAFS 1.5. Since there are security implications
to this change, I am posting it here for further review
and comment.
The idea is to allow regular users to disown files when the
C acl bit is set.
What does POSIX have to do with this? POSIX does not require that
users have the ability to give away files. (In fact, a "strictly
conforming" POSIX implementation shall not allow this.)
I think the name posix chown came from the fact that posix requires
the suid and sgid bits be cleared when the user disowns a file. Which
is an important security consideration.
Does the patch include changes to allow pathconf(_PC_CHOWN_RESTRICTED,
"/afs/...") to return the correct value?
_______________________________________________
OpenAFS-devel mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-devel
