Subject: Re: chown
To: Bruce Anderson <brucea@spacestar.net>
From: Ed Lauman <elauman@interlynx.net>
List: port-mac68k
Date: 07/15/2000 09:50:55
I know it sounds kind of stupid, but I was told to delete some files off the
server at work, and when I told my boss, I wasn't the owner, and that I
could only delete them if I got root, she told me she would delete them.
Since my boss and I have practically the same access privileges, I wanted to
know how she could do that. She said that the guy who actually has root gave
her a special command that allows her to do that. I immediately saw the
potential security problem, so I thought I'd find out how something like
that would work. Ed
-----Original Message-----
From: Bruce Anderson <brucea@spacestar.net>
To: port-mac68k@netbsd.org <port-mac68k@netbsd.org>
Date: Friday, July 14, 2000 4:30 PM
Subject: Re: chown
>If you can chown any file your not a regular user, your a root user
>and you can look at and change any file on the system, so the simple
>answer to your question is no.
>
>What is the application here?
>
>
>
>
>
>" Stamp out root login's . . . . su " --Bruce Anderson
> This message was created and sent using Cyberdog 2.0, MacOS 8.6,
> awk, find, sed, sendmail, sh, and NetBSD a free Multi-Platform OS.
>
>On Fri, Jul 14, 2000 2:51 PM, Avi Norowitz <mailto:avin@ice.tj> wrote:
>>What's the purpose of that? Once they have the ability to chown
>>everything to them, they can simply `chown me /etc/passwd` and add
>>themselves a root account. :-)
>>
>>> Edvard Lauman wrote:
>>>
>>> this is kind of off topic, but say I wanted to give someone the
>>> ability to chown anything and everything on a machine, even if they
>>> weren't root, but I don't want to make them root. i.e. they have
>>> root's ability to chown everything, but other than that, they're a
>>> regular user. How would I do that? Ed
>>
>>--
>> Avi Norowitz avin@ice.tj
>> Ice Mail http://www.ice.tj
>>
>>
>
>
>
>