Newsgroups: comp.os.386bsd.bugs
Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!agate!howland.reston.ans.net!usc!rpi!ghost.dsi.unimi.it!serini
From: serini@ghost.dsi.unimi.it (Piero Serini)
Subject: chmod(1) patches
Organization: Computer Science Dep. - Milan University
Date: Thu, 11 Mar 1993 01:13:11 GMT
Message-ID: <1993Mar11.011311.28156@ghost.dsi.unimi.it>
Lines: 256
Hi all.
Please find here enclosed a diff file to patch
/usr/src/usr.sbin/chmod/* files:
If compiled with -DONLYROOT it acts in the standard mode;
otherwise it allows non-root users to chown files to other users.
The file's owner must be the same as the caller's id,
and the s-uid and s-gid bits are cleared before chown changes
the file(s)' ownership.
Bye
Piero
*** Makefile.orig Wed Mar 10 19:15:46 1993
--- Makefile Wed Mar 10 19:01:33 1993
***************
*** 1,9 ****
--- 1,13 ----
# @(#)Makefile 5.4 (Berkeley) 10/26/90
+ # to compile in standard mode, add -DONLYROOT to CFLAGS, and comment BINOWN and BINMODE
+
PROG= chown
CFLAGS+=-DSUPPORT_DOT
MAN1= chgrp.0
MAN8= chown.0
+ BINOWN= root
+ BINMODE=4555
LINKS= ${BINDIR}/chown /usr/bin/chgrp
.include <bsd.prog.mk>
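Review bot: `BINOWN= root` with `BINMODE=4555` makes a stock `make install` produce a setuid-root chown, and `LINKS` means `/usr/bin/chgrp` is the same setuid binary; the restrictive build is reachable only by hand-editing CFLAGS and commenting out both lines, as the added comment describes. The safer arrangement is the reverse: ship `CFLAGS+=-DSUPPORT_DOT -DONLYROOT` with no BINOWN/BINMODE, and make the give-away mode an explicit opt-in. The two settings are also coupled only by that comment, so a build with `-DONLYROOT` that leaves `BINMODE=4555` in place would install a setuid-root program that has no use for the privilege.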
*** chgrp.1.orig Wed Mar 10 19:15:57 1993
--- chgrp.1 Wed Mar 10 19:26:49 1993
***************
*** 79,87 ****
A pathname of a file whose group ID is to be modified.
.El
.Pp
! The user invoking
! must belong
! to the specified group and be the owner of the file, or be the super-user.
.Pp
The
.Nm chgrp
--- 79,90 ----
A pathname of a file whose group ID is to be modified.
.El
.Pp
! If chown(8) is compiled in standard mode, the user invoking
! .Nm chgrp
! must belong to the specified group and be the owner of the file,
! or be the super-user, otherwise the user invoking
! .Nm chgrp
! must be the owner of the file or the super-user.
.Pp
The
.Nm chgrp
***************
*** 101,103 ****
--- 104,113 ----
.Nm chgrp
function is expected to be POSIX 1003.2 compatible.
This manual page is derived from the POSIX 1003.2 manual page.
+ .Sh AUTHORS
+ This version of
+ .Nm chgrp
+ is Copyright (c) 1988 Regents of the University of California.
+ .Pp
+ If not compiled in standard mode, please send all bug reports
+ to Piero Serini (piero@strider.st.dsi.unimi.it)
*** chown.8.orig Wed Mar 10 19:16:15 1993
--- chown.8 Wed Mar 10 19:27:11 1993
***************
*** 80,87 ****
If a group name is also a numeric group ID, the operand is used as a
group name.
.Pp
! The ownership of a file may only be altered by a super-user for
! obvious security reasons.
.Pp
The owner and group of symbolic links are themselves changed instead
of the file to which the link points.
--- 80,95 ----
If a group name is also a numeric group ID, the operand is used as a
group name.
.Pp
! If
! .Nm chown
! is compiled in standard mode, the ownership of a file may only be
! altered by the super-user, otherwise the user invoking
! .Nm chown
! must be the owner of the file or the super-user.
! .Pp
! For security reasons, both set-user-uid-on-execution bit and
! set-group-id-on-execution bit are cleared before the ownership
! or the group of the file(s) are changed.
.Pp
The owner and group of symbolic links are themselves changed instead
of the file to which the link points.
***************
*** 103,105 ****
--- 111,120 ----
The
.Nm chown
command is expected to be POSIX 1003.2 compliant.
+ .Sh AUTHORS
+ This version of
+ .Nm chown
+ is Copyright (c) 1988 Regents of the University of California.
+ .Pp
+ If not compiled in standard mode, please send all bug reports
+ to Piero Serini (piero@strider.st.dsi.unimi.it)
*** chown.c.orig Wed Mar 10 19:16:24 1993
--- chown.c Wed Mar 10 18:58:42 1993
***************
*** 31,36 ****
--- 31,41 ----
* SUCH DAMAGE.
*/
+ /*
+ * ONLYROOT flag added by Piero Serini (piero@strider.st.dsi.unimi.it)
+ * Wed Mar 10 18:58:19 MET 1993
+ */
+
#ifndef lint
char copyright[] =
"@(#) Copyright (c) 1988 Regents of the University of California.\n\
***************
*** 44,49 ****
--- 49,55 ----
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/errno.h>
+ #include <sys/types.h>
#include <dirent.h>
#include <fts.h>
#include <pwd.h>
***************
*** 54,62 ****
#include <stdlib.h>
#include <string.h>
! int ischown, uid, gid, fflag, rflag, retval;
char *gname, *myname;
main(argc, argv)
int argc;
char **argv;
--- 60,72 ----
#include <stdlib.h>
#include <string.h>
! int ischown, fflag=0, rflag=0, retval=0;
! int uid, my_uid;
! int gid;
char *gname, *myname;
+ int Chown(char *, int, int);
+
main(argc, argv)
int argc;
char **argv;
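Review bot: `my_uid` is declared `int`, but other hunks of this patch assign it from `getuid()` and compare it with `st.st_uid`; declaring it `uid_t my_uid;` keeps that ownership comparison between like types (the newly added `<sys/types.h>` provides the type). The wrapper name `Chown` differs from `chown(2)` only by case, which makes the privileged and unprivileged `#ifdef` arms easy to confuse when reading; a distinct name such as `owner_chown` would make the setuid path stand out. The `=0` initialisers on file-scope ints are redundant.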
***************
*** 67,72 ****
--- 77,84 ----
register char *cp;
int ch;
+ my_uid = getuid();
+
myname = (cp = rindex(*argv, '/')) ? cp + 1 : *argv;
ischown = myname[2] == 'o';
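Review bot: Recording the real uid here is the only privilege handling this hunk adds, so when the binary is installed setuid root the rest of `main` (which continues outside the hunk) appears to run with effective uid 0, including the `-R` tree walk. Directory search permissions would then presumably not be enforced for the invoking user during recursion, leaving only the per-file owner test in `Chown()` as a barrier. Consider dropping the effective uid to `my_uid` straight after this line and raising it only around the final ownership change, with a comment such as `/* real uid of the caller; the effective uid is root when installed setuid */`.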
***************
*** 118,131 ****
error(p->fts_path);
continue;
}
! if (chown(p->fts_accpath, uid, gid) && !fflag)
! chownerr(p->fts_path);
}
exit(retval);
}
while (*++argv)
! if (chown(*argv, uid, gid) && !fflag)
chownerr(*argv);
exit(retval);
}
--- 130,152 ----
error(p->fts_path);
continue;
}
! #ifdef ONLYROOT
! if (chown(p->fts_accpath, (int)uid, (int)gid) && !(fflag))
! chownerr(p->fts_accpath);
! #else
! Chown(p->fts_accpath, (int)uid, (int)gid);
! #endif ONLYROOT
}
exit(retval);
}
while (*++argv)
! #ifdef ONLYROOT
! if (chown(*argv, (int)uid, (int)gid) && !(fflag))
chownerr(*argv);
+ #else
+
+ Chown(*argv, (int)uid, (int)gid);
+ #endif ONLYROOT
exit(retval);
}
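Review bot: Both non-ONLYROOT call sites discard the return value of `Chown()`, and nothing visible sets `retval` when it refuses a file, so the command can exit 0 after rejecting an operand; use `if (Chown(...) == -1) retval = 1;` in the fts loop and in the `while (*++argv)` loop. The ONLYROOT arm of the fts loop also changes the report from `chownerr(p->fts_path)` to `chownerr(p->fts_accpath)`, which drops the full path from the message; keep `p->fts_path`. `#endif ONLYROOT` has trailing tokens after the directive and should read `#endif /* ONLYROOT */`. Both loops belong to `main`, which starts and ends outside this hunk.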
***************
*** 175,180 ****
--- 196,232 ----
exit(1);
}
}
+ }
+
+ int
+ Chown(path, owner, group) /* as we run setuid(root), we must check */
+ char *path; /* file ownership and bit(s) suid/sgid */
+ int owner;
+ int group;
+ {
+ struct stat st;
+ extern int errno;
+
+ if (stat(path, &st) == -1) {
+ perror(path);
+ exit(1);
+ }
+
+ /* check for file ownership */
+ if (my_uid) {
+ if (st.st_uid != my_uid) {
+ errno = EPERM;
+ perror(path);
+ return -1;
+ }
+ }
+
+ /* clear bit s_uid and s_gid */
+ if (st.st_mode & (S_ISGID | S_ISUID))
+ (void) chmod(path, st.st_mode & ~(S_ISGID | S_ISUID));
+
+ if (chown(path, owner, group) && !fflag)
+ chownerr(path);
}
chownerr(file)
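Review bot: `Chown()` checks ownership with `stat(path)` and then acts through `chmod(path)` and `chown(path)`, so in a setuid-root binary the three calls can resolve to different objects if the path is re-bound in between, and the owner test then no longer guards the file that is changed (`stat()` also follows symbolic links, while chown.8 says links themselves are changed). Opening the operand once and using `fstat`/`fchmod`/`fchown` on the descriptor, as sketched below, ties the check and the change to one inode; it needs `<fcntl.h>` and a decision on symbolic links and on files that should not be opened. The sketch also stops ignoring the set-id clearing result, returns a value on every path, reports instead of calling `exit(1)` so later operands are still processed, and honours `-f` for the EPERM message. `chownerr()` is defined after this hunk, so confirm it is a suitable reporter for open and fstat failures.

```c
Chown(path, owner, group)
	/* … unchanged: K&R parameter declarations … */
{
	struct stat st;
	extern int errno;
	int fd, rc = -1;

	/* Bind to one object; every check and change below uses fd, not path. */
	fd = open(path, O_RDONLY | O_NONBLOCK);
	if (fd == -1 || fstat(fd, &st) == -1)
		goto out;

	/* non-root callers may only give away files they own */
	if (my_uid != 0 && st.st_uid != my_uid) {
		errno = EPERM;
		goto out;
	}

	/* do not hand over a file that still carries set-id bits */
	if ((st.st_mode & (S_ISUID | S_ISGID)) &&
	    fchmod(fd, st.st_mode & ~(S_ISUID | S_ISGID)) == -1)
		goto out;

	if (fchown(fd, owner, group) == 0)
		rc = 0;
out:
	if (rc == -1 && !fflag)
		chownerr(path);		/* same reporter the direct chown() path uses */
	if (fd != -1)
		(void) close(fd);
	return rc;
}
```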
--
------------------------------------------ Piero Serini -----------
Computer Science Dept. E-mail: serini@ghost.dsi.unimi.it
Univ. Statale - Milano - ITALY or: piero@strider.st.dsi.unimi.it
--------------- Public Key available via finger(1) ----------------