Bug#665451: coreutils: chown/chgrp illegally reset suid/sgid

2012-03-24 Thread Yoric Kotchukov
Package: coreutils
Version: 8.13-3
Severity: important

Hello!
Sorry for my bad English.

chown/chgrp illegally reset suid/sgid. I think this is critical, as it is often 
used in [post/pre]install scripts, see Bug #664206.

globus@aspera:~/mia/tmp$ ls -l
-rwxr-xr-x 1 globus globus 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chmod 2755 testp 

globus@aspera:~/mia/tmp$ ls -l
-rwxr-sr-x 1 globus globus 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chown globus:tempo testp 

globus@aspera:~/mia/tmp$ ls -l testp 
-rwxr-xr-x 1 globus tempo 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chmod 6755 testp 

globus@aspera:~/mia/tmp$ ls -l testp 
-rwsr-sr-x 1 globus tempo 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chown globus:globus testp 

globus@aspera:~/mia/tmp$ ls -l testp 
-rwxr-xr-x 1 globus globus 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chmod 7755 testp 

globus@aspera:~/mia/tmp$ ls -l testp 
-rwsr-sr-t 1 globus globus 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chown globus:globus testp

globus@aspera:~/mia/tmp$ ls -l testp 
-rwxr-xr-t 1 globus globus 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chmod 6755 testp 

globus@aspera:~/mia/tmp$ ls -l testp 
-rwsr-sr-x 1 globus globus 12 Мар 24 17:12 testp

globus@aspera:~/mia/tmp$ chgrp tempo testp 

globus@aspera:~/mia/tmp$ ls -l testp 
-rwxr-xr-x 1 globus tempo 12 Мар 24 17:12 testp



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages coreutils depends on:
ii  dpkg  1.16.1.2
ii  install-info  4.13a.dfsg.1-8
ii  libacl1   2.2.51-5
ii  libattr1  1:2.4.46-5
ii  libc6 2.13-27
ii  libselinux1   2.1.9-2

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Bug#665451: coreutils: chown/chgrp illegally reset suid/sgid

2012-03-24 Thread Bob Proulx
retitle coreutils: chown/chgrp invalidly reset suid/sgid
tag 665451 + unreproducible wontfix
severity 665451 normal
thanks

Yoric Kotchukov wrote:
> chown/chgrp illegally reset suid/sgid. I think this is critical, as
> it is often used in [post/pre]install scripts, see Bug #664206.

It can only be an invalid operation.  It isn't illegal.  No laws are
involved.

> globus@aspera:~/mia/tmp$ ls -l
> -rwxr-sr-x 1 globus globus 12 Мар 24 17:12 testp
>
> globus@aspera:~/mia/tmp$ chown globus:tempo testp

> Debian Release: wheezy/sid
> Architecture: i386 (x86_64)
> Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)

I cannot reproduce this behavior.  This chown action should produce an
error message.  By default on BSD-like systems such as Debian
GNU/Linux chown is only allowed by root.  You should be seeing this
error message:

  chown: changing ownership of `testp': Operation not permitted

Only on System V like systems is chown by non-root allowed by default.
This FAQ reference explains the issue in more detail:

  http://www.gnu.org/software/coreutils/faq/#Why-can-only-root-chown-files_003f

> globus@aspera:~/mia/tmp$ ls -l testp
> -rwxr-xr-x 1 globus tempo 12 Мар 24 17:12 testp

Yes.  This is documented in the chown manual this way:

  The `chown' command sometimes clears the set-user-ID or set-group-ID
  permission bits.  This behavior depends on the policy and functionality
  of the underlying `chown' system call, which may make system-dependent
  file mode modifications outside the control of the `chown' command.
  For example, the `chown' command might not affect those bits when
  invoked by a user with appropriate privileges, or when the bits signify
  some function other than executable permission (e.g., mandatory
  locking).  When in doubt, check the underlying system behavior.

Therefore I do not consider this a bug in coreutils but rather a
policy decision made by the underlying host operating system kernel.

Bob






Bug#665451: coreutils: chown/chgrp illegally reset suid/sgid

2012-03-24 Thread Bob Proulx
Michael Stone wrote:
> Bob Proulx wrote:
>> I cannot reproduce this behavior.  This chown action should produce an
>> error message.  By default on BSD-like systems such as Debian
>> GNU/Linux chown is only allowed by root.  You should be seeing this
>> error message:
>>
>>   chown: changing ownership of `testp': Operation not permitted
>
> No, because the chown is a noop; he's only changing the group.

Ah!  Yes.  I missed that.  Sorry.  I was fixated on the own part of
the chown call.

> The larger point that this is an OS policy is correct; chown/chgrp
> in coreutils aren't calling chmod themselves in this case. This is a
> requirement of POSIX chown(2), and thus fairly unlikely to change.

Agreed.  The effect is the same.

Bob
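
The consequence for install scripts, as an added example that is not part of any message in this thread: because chown(2) clears the set-user-ID and set-group-ID bits on an executable, ownership has to be set before the mode, and the result checked. It assumes GNU coreutils on Linux; the function names and file names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU coreutils on Linux.
# All file names are constructed; everything happens in a scratch directory.

# Print a file's octal mode, e.g. 6755 (GNU stat syntax).
file_mode() { stat -c '%a' "$1"; }

# Order seen in the report: set the special bits, then change ownership.
# The chown(2) call strips set-user-ID/set-group-ID from the executable.
mode_then_owner() {  # args: file owner:group mode
    chmod "$3" "$1" && chown "$2" "$1" && file_mode "$1"
}

# Order an install script should use: ownership first, mode last.
owner_then_mode() {  # args: file owner:group mode
    chown "$2" "$1" && chmod "$3" "$1" && file_mode "$1"
}

# Post-condition check for a maintainer script: fail loudly if the
# file did not end up with the intended mode.
verify_mode() {  # args: file expected-mode
    actual=$(file_mode "$1")
    [ "$actual" = "$2" ] && return 0
    echo "mode of $1 is $actual, expected $2" >&2
    return 1
}

demo() {
    dir=$(mktemp -d) || return 1
    me="$(id -u):$(id -g)"   # no-op ownership change, allowed for any user
    : > "$dir/a"; : > "$dir/b"
    echo "chmod then chown: $(mode_then_owner "$dir/a" "$me" 6755)"
    echo "chown then chmod: $(owner_then_mode "$dir/b" "$me" 6755)"
    verify_mode "$dir/a" 6755 || echo "special bits lost on $dir/a"
    verify_mode "$dir/b" 6755 && echo "special bits intact on $dir/b"
    rm -rf "$dir"
}

demo
```
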


