bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#52481: chown of coreutils may delete the suid of file

From: Kamil Dudka
Subject: bug#52481: chown of coreutils may delete the suid of file
Date: Tue, 14 Dec 2021 16:33:00 +0100 
On Tuesday, December 14, 2021 3:49:37 AM CET 21625039 wrote:
> I encountered a problem with chown on my fedora34 as the version of
> coreutils is 8.32.
> 
> 
> 
> The reproduce process could see the steps blow:
> 
> [root@fedora ~]# ll test.txt
> 
> -rw-r--r--. 1 root root 0 Dec 13 21:13 test.txt
> 
> [root@fedora ~]# chmod 4750 test.txt
> 
> [root@fedora ~]# ll test.txt
> 
> -rwsr-x---. 1 root root 0 Dec 13 21:13 test.txt
> 
> [root@fedora ~]# chown root:root test.txt
> 
> [root@fedora ~]# ll test.txt
> 
> -rwxr-x---. 1 root root 0 Dec 13 21:13 test.txt

I believe this is already documented [1]:

    "The chown command sometimes clears the set-user-ID or set-group-ID
    permission bits. This behavior depends on the policy and functionality
    of the underlying chown system call, which may make system-dependent
    file mode modifications outside the control of the chown command."

Kamil

[1] 
https://www.gnu.org/software/coreutils/manual/html_node/chown-invocation.html

> [root@fedora ~]# rpm -qa coreutils
> 
> coreutils-8.32-19.fc34.x86_64
> 
> [root@fedora ~]# cat /etc/fedora-release
> 
> Fedora release 34 (Thirty Four)
> 
> 
> 
> Looking forward to hearing from you!
> 
> Thanks.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]