current-users: Re: chown, quotas and security

Subject: Re: chown, quotas and security
To: None <current-users@netbsd.org>
From: matthew green <mrg@mame.mu.OZ.AU>
List: current-users
Date: 11/07/1994 20:17:43

   
   The chown(2) system call turns off the setuid and/or setgid bits as
   appropriate, so this is not a concern.

except in this case:

splode /tmp# ls -l sh
-r-xr-xr-x  1 mrg  wheel  335872 Nov  7 20:05 sh
splode /tmp# chmod u+s sh
splode /tmp# chown root sh
splode /tmp# ls -l sh
-r-sr-xr-x  1 root  wheel  335872 Nov  7 20:05 sh

.mrg.