SUMMARY: chown for a non-root user

From: R.SrinivasaMoorthy (rsm@idc.tandem.com)
Date: Mon Sep 23 1996 - 10:23:47 CDT


Thanks to everyone who had responded to this, specifically to Edward Grimm.

Below is my question reproduced:

> Can I get the 'chown' to make it work for non-root users on
> SunOS 4.1.4?

I wanted this badly, as frequent requests from users to change owner to
someone else kept coming to me.

The replies - summarized - were:
1. DON'T DO IT - Because of User Quota getting affected.
2. SETUID chown - As suggested by themselves, very dangerous as anybody can
                  simply become root. Not a good idea.
3. Unset the _POSIX_CHOWN_RESTRICTED OS option -
               - It looked to me initially as the actual solution, but
                 further analysis proved to me that in SunOS, there is no
                 way to unset this option at all. (man 2 chown will give the
                 details).

The chown behaviour is seen only in SunOS and Solaris, and other OSes like
Unixware and other SVR4 systems have chown working for non-root users too.
They solve the security problem by UNSETTING all setuid, setgid bits on the
file.

Hence the only solution on SunOS, to me, looks like writing my own chown
program and giving SETUID perms to that "mychown". This "mychown" will unset
all the setuid, setgid bits on the file being chown'ed. Our site does not
have User quotas implemented and hence this should be fine for me.

Thanks to:
Edward Grimm <edgrimm@neptune.mtc.ti.com>
Pete A. Zaitcev <zaitcev@lab.sun.mcst.ru>
Rodney Marable <marable@socialaw.com>
Keith Willenson <keith@oz.health.state.mn.us>
Michael McGeown <mcgeown@bbn.com>
Salvador Ramirez <sram@sol.inf.udec.cl>
Gokhan ERDEM <gokhan@gantek.com.tr>
Sesharao Patchipala <sesharao@lsil.com>
Tommy Williams <tommy@vumclib.mc.vanderbilt.edu>
Daniel E. Singer <des@cs.duke.edu>
Daniel Beaudry <Daniel.Beaudry@Enter-Net.com>
Richard Pieri <ratinox@unilab.dfci.harvard.edu>

        and
Kaushik Pushpavanam <kaushik@idc.tandem.com>

        
        Thanks
        Srinivasa Moorthy
        (rsm@idc.tandem.com)
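
The core check-and-change logic of a "mychown"-style helper, as an added example (not code from the original post or its respondents). It assumes a modern POSIX system providing O_NOFOLLOW, fchmod and fchown; the function name give_away is hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical core of a "mychown" helper. `caller` is the real uid of the
 * invoking user (getuid() inside a setuid-root binary). Returns 0 on
 * success, -1 if the request is refused or a system call fails. */
int give_away(const char *path, uid_t caller, uid_t new_owner)
{
    struct stat st;
    /* O_NOFOLLOW refuses a symlink as the final path component;
     * O_NONBLOCK keeps open() from hanging on a FIFO. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* Every check and change goes through the descriptor, so the file
     * cannot be swapped between the ownership check and the chown. */
    if (fstat(fd, &st) != 0 ||
        !S_ISREG(st.st_mode) ||     /* regular files only */
        st.st_uid != caller) {      /* only the owner may give it away */
        close(fd);
        return -1;
    }
    /* Clear setuid/setgid BEFORE the owner changes, so the new owner
     * never holds a set-id file whose contents someone else wrote. */
    if (fchmod(fd, (mode_t)(st.st_mode & 07777 & ~(S_ISUID | S_ISGID))) != 0 ||
        fchown(fd, new_owner, (gid_t)-1) != 0) {
        close(fd);
        return -1;
    }
    close(fd);
    return 0;
}

int main(int argc, char **argv)
{
    char *end = NULL;
    unsigned long uid = (argc == 3) ? strtoul(argv[2], &end, 10) : 0;
    if (argc != 3 || end == argv[2] || *end != '\0') {
        fprintf(stderr, "usage: %s file numeric-uid\n", argv[0]);
        return 2;
    }
    return give_away(argv[1], getuid(), (uid_t)uid) == 0 ? 0 : 1;
}
```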


