[ale] chown operation not permitted

Jerry Z. Yu z.yu at ptek.com
Thu Apr 25 11:01:00 EDT 2002 

	I don't think you want to disable it. consider the security 
risk: assume you can set SUID on files you own. you then chown to root or 
other powerful users. this way any user can give himeself more 
priviledges. Not mention identity confusion. Say someone download 
some porn to the server, chown to your uid, will you like it?
	you can always force group permission to allow sharing (if that's 
your goal. BTW, what do you try to achieve?),  or you have to, set up sudo 
to allow specific command to be issued against certain files.
	
On Thu, 25 Apr 2002, John Wells wrote:

#Just got a reply from my hosting company and he stated that in RedHat
#installs, chown is disabled by default for anyone other than root.
#
#So, running RedHat myself, I gave it a try.  Sure enough..."operation not
#permitted".
#
#Man, when was this implemented?  I could swear that it wasn't like this in
#earlier (5.x - 6.x) releases.
#
#Anyway, does anyone know how to disable this?
#
#Thanks,
#John
#
#---------  Original message --------
#From: John Wells <jb at sourceillustrated.com>
#To: ale at ale.org <ale at ale.org>
#Subject: RE: [ale] chown operation not permitted
#Date: 04-25-02 12:58
#
#> No.  lsattr shows no flags:
#
#$ lsattr testattr
#-------------- testattr
#
#Anyway, I can't chattr if I wanted to...seems I don't have permissions if I
#don't have root.  Thanks for the suggestion though.
#
#Any other thoughts?  In Solaris, I know there's a config item in one the
#system scripts that will disable chown *system-wide*.  Is there anything
#like that for linux?
#
#Thanks,
#John
#
#
#
#Original message --------
#From: Christopher &lt;christopher at bergeron.com&gt;
#To: 'John Wells' &lt;jb at sourceillustrated.com&gt;
#Subject: RE: [ale] chown operation not permitted
#Date: 04-24-02 18:27
#
#&gt; Have you tried using chattr to change the attributes?  It might be an
#immutable file. (i flag I think).
#
#-CB
#
#&amp;gt; -----Original Message-----
#&amp;gt; From: John Wells [mailto:jb at sourceillustrated.com]
#&amp;gt; Sent: Wednesday, April 24, 2002 10:15 AM
#&amp;gt; To: John C; John Wells; ale at ale.org
#&amp;gt; Subject: RE: [ale] chown operation not permitted
#&amp;gt;
#&amp;gt; It's through a shell using ssh
#&amp;gt;
#&amp;gt;
#&amp;gt; ---------  Original message --------
#&amp;gt; From: John C &amp;lt;jcouncilman at knology.net&amp;gt;
#&amp;gt; To: John Wells &amp;lt;jb at sourceillustrated.com&amp;gt;,
#ale at ale.org
#&amp;lt;ale at ale.org&amp;gt;
#&amp;gt; Subject: RE: [ale] chown operation not permitted
#&amp;gt; Date: 04-24-02 18:04
#&amp;gt;
#&amp;gt; &amp;gt; Is this on FTP or through shell access?
#&amp;gt;
#&amp;gt; -----Original Message-----
#&amp;gt; From: John Wells [mailto:jb at sourceillustrated.com]
#&amp;gt; Sent: Wednesday, April 24, 2002 6:25 AM
#&amp;gt; To: ale at ale.org
#&amp;gt; Subject: [ale] chown operation not permitted
#&amp;gt;
#&amp;gt;
#&amp;gt; I'm trying to change ownership of a file on my ISP's box.  I own
#the
#file,
#&amp;gt; but when I attempt to change it I get an &amp;amp;quot;operation
#not
#&amp;gt; permitted&amp;amp;quot;
#&amp;gt; error.
#&amp;gt;
#&amp;gt; I remember in the past being able to disable non-root chowns on
#Solaris
#&amp;gt; and
#&amp;gt; I'm betting there's a way to set this under Linux.  For the life of
#me, I
#&amp;gt; can't remember how.
#&amp;gt;
#&amp;gt; Can anyone point me in the right direction for info about this?
#&amp;gt;
#&amp;gt; Thanks,
#&amp;gt; John
#&amp;gt;
#&amp;gt;
#&amp;gt; ---
#&amp;gt; This message has been sent through the ALE general discussion list.
#&amp;gt; See http://www.ale.org/mailing-lists.shtml for more info. Problems
#should
#&amp;gt; be
#&amp;gt; sent to listmaster at ale dot org.
#&amp;gt;
#&amp;gt;
#&amp;gt; ---
#&amp;gt; This message has been sent through the ALE general discussion list.
#&amp;gt; See http://www.ale.org/mailing-lists.shtml for more info. Problems
#should
#&amp;gt; be
#&amp;gt; sent to listmaster at ale dot org.
#
#
#---
#This message has been sent through the ALE general discussion list.
#See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
#sent to listmaster at ale dot org.
#
#
#---
#This message has been sent through the ALE general discussion list.
#See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
#sent to listmaster at ale dot org.
#

Jerry Z. Yu					+1-404-262-8544 (O)
systems engineer				z.yu at voicecom.com
is support, voicecom, llc			www.voicecom.com


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list