[ale] chown operation not permitted

John Wells jb at sourceillustrated.com
Thu Apr 25 07:03:16 EDT 2002 

While I agree that it's not the best idea, I'd just like to know if it can
be done.

Thanks,

John


---------  Original message --------
From: Jerry Z. Yu <z.yu at ptek.com>
To: ale at ale.org
To: John Wells <jb at sourceillustrated.com>
CC: ale at ale.org
Subject: RE: [ale] chown operation not permitted
Date: 04-25-02 14:59

> 	I don't think you want to disable it. consider the security
risk: assume you can set SUID on files you own. you then chown to root or
other powerful users. this way any user can give himeself more
priviledges. Not mention identity confusion. Say someone download
some porn to the server, chown to your uid, will you like it?
you can always force group permission to allow sharing (if that's
your goal. BTW, what do you try to achieve?),  or you have to, set up sudo
to allow specific command to be issued against certain files.

On Thu, 25 Apr 2002, John Wells wrote:

#Just got a reply from my hosting company and he stated that in RedHat
#installs, chown is disabled by default for anyone other than root.
#
#So, running RedHat myself, I gave it a try.  Sure enough...&quot;operation
not
#permitted&quot;.
#
#Man, when was this implemented?  I could swear that it wasn't like this in
#earlier (5.x - 6.x) releases.
#
#Anyway, does anyone know how to disable this?
#
#Thanks,
#John
#
#---------  Original message --------
#From: John Wells &lt;jb at sourceillustrated.com&gt;
#To: ale at ale.org &lt;ale at ale.org&gt;
#Subject: RE: [ale] chown operation not permitted
#Date: 04-25-02 12:58
#
#&gt; No.  lsattr shows no flags:
#
#$ lsattr testattr
#-------------- testattr
#
#Anyway, I can't chattr if I wanted to...seems I don't have permissions if I
#don't have root.  Thanks for the suggestion though.
#
#Any other thoughts?  In Solaris, I know there's a config item in one the
#system scripts that will disable chown *system-wide*.  Is there anything
#like that for linux?
#
#Thanks,
#John
#
#
#
#Original message --------
#From: Christopher &amp;lt;christopher at bergeron.com&amp;gt;
#To: 'John Wells' &amp;lt;jb at sourceillustrated.com&amp;gt;
#Subject: RE: [ale] chown operation not permitted
#Date: 04-24-02 18:27
#
#&amp;gt; Have you tried using chattr to change the attributes?  It might be
an
#immutable file. (i flag I think).
#
#-CB
#
#&amp;amp;gt; -----Original Message-----
#&amp;amp;gt; From: John Wells [mailto:jb at sourceillustrated.com]
#&amp;amp;gt; Sent: Wednesday, April 24, 2002 10:15 AM
#&amp;amp;gt; To: John C; John Wells; ale at ale.org
#&amp;amp;gt; Subject: RE: [ale] chown operation not permitted
#&amp;amp;gt;
#&amp;amp;gt; It's through a shell using ssh
#&amp;amp;gt;
#&amp;amp;gt;
#&amp;amp;gt; ---------  Original message --------
#&amp;amp;gt; From: John C &amp;amp;lt;jcouncilman at knology.net&amp;amp;gt;
#&amp;amp;gt; To: John Wells
&amp;amp;lt;jb at sourceillustrated.com&amp;amp;gt;,
#ale at ale.org
#&amp;amp;lt;ale at ale.org&amp;amp;gt;
#&amp;amp;gt; Subject: RE: [ale] chown operation not permitted
#&amp;amp;gt; Date: 04-24-02 18:04
#&amp;amp;gt;
#&amp;amp;gt; &amp;amp;gt; Is this on FTP or through shell access?
#&amp;amp;gt;
#&amp;amp;gt; -----Original Message-----
#&amp;amp;gt; From: John Wells [mailto:jb at sourceillustrated.com]
#&amp;amp;gt; Sent: Wednesday, April 24, 2002 6:25 AM
#&amp;amp;gt; To: ale at ale.org
#&amp;amp;gt; Subject: [ale] chown operation not permitted
#&amp;amp;gt;
#&amp;amp;gt;
#&amp;amp;gt; I'm trying to change ownership of a file on my ISP's box.  I
own
#the
#file,
#&amp;amp;gt; but when I attempt to change it I get an
&amp;amp;amp;quot;operation
#not
#&amp;amp;gt; permitted&amp;amp;amp;quot;
#&amp;amp;gt; error.
#&amp;amp;gt;
#&amp;amp;gt; I remember in the past being able to disable non-root chowns
on
#Solaris
#&amp;amp;gt; and
#&amp;amp;gt; I'm betting there's a way to set this under Linux.  For the
life of
#me, I
#&amp;amp;gt; can't remember how.
#&amp;amp;gt;
#&amp;amp;gt; Can anyone point me in the right direction for info about
this?
#&amp;amp;gt;
#&amp;amp;gt; Thanks,
#&amp;amp;gt; John
#&amp;amp;gt;
#&amp;amp;gt;
#&amp;amp;gt; ---
#&amp;amp;gt; This message has been sent through the ALE general discussion
list.
#&amp;amp;gt; See http://www.ale.org/mailing-lists.shtml for more info.
Problems
#should
#&amp;amp;gt; be
#&amp;amp;gt; sent to listmaster at ale dot org.
#&amp;amp;gt;
#&amp;amp;gt;
#&amp;amp;gt; ---
#&amp;amp;gt; This message has been sent through the ALE general discussion
list.
#&amp;amp;gt; See http://www.ale.org/mailing-lists.shtml for more info.
Problems
#should
#&amp;amp;gt; be
#&amp;amp;gt; sent to listmaster at ale dot org.
#
#
#---
#This message has been sent through the ALE general discussion list.
#See http://www.ale.org/mailing-lists.shtml for more info. Problems should
be
#sent to listmaster at ale dot org.
#
#
#---
#This message has been sent through the ALE general discussion list.
#See http://www.ale.org/mailing-lists.shtml for more info. Problems should
be
#sent to listmaster at ale dot org.
#

Jerry Z. Yu					+1-404-262-8544 (O)
systems engineer				z.yu at voicecom.com
is support, voicecom, llc			www.voicecom.com


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list