[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: chown before chmod in gzip.c copy_stat prevents chmod
From: |
Paul Eggert |
Subject: |
Re: chown before chmod in gzip.c copy_stat prevents chmod |
Date: |
Wed, 13 Jun 2007 09:59:18 -0700 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux) |
"O'Connor, Russell" <address@hidden> writes:
> The file gets gzipped in the HPUX NFS case, too, but since the chown
> works and the chmod fails, everyone but the owner loses access to it,
> which is not OK.
I suggest using the HP-UX setprivgrp command (or modifying
/etc/privgroup) so that ordinary users cannot give away their files
via chown. It's a bit more secure that way, anyway; that's why most
OSes default to doing it this way nowadays. I suspect HP-UX defaults
to the insecure behavior for historical reasons only.
If you do that, you shouldn't need to modify gzip.