[OpenAFS-devel] Re: MEMORY credential cache interop between
Heimdal and MIT?
Jeffrey Hutzelman
jhutz@cmu.edu
Wed, 05 Sep 2007 16:50:27 -0400
On Thursday, August 30, 2007 02:26:57 PM -0400 Jim Rees <rees@umich.edu>
wrote:
> Steve Simmons wrote:
>
> It's how UNIX in general used to work (chown allowing you to give
> away files) up through v7.
>
> You've got it backwards. Unix never allowed users to give away files up
> through v7. That ability was introduced in System III.
... and persists to this day in SVR4-derived systems. There's nothing
insecure about it, as long as the proper semantics are obeyed. For
example, systems which permit this also turn off the setid bits when the
owner of a file is changed.
The restriction that only privileged users can change the owner of a file
was reintroduced in BSD and remains in pretty much every system that
dervies from it. As far as I've been able to tell, this was done primarily
to prevent users from giving away files to circumvent UID-based disk
quotas, which were also introduced in BSD.
-- Jeff