Newsgroups: comp.os.386bsd.bugs Path: sserve!newshost.anu.edu.au!munnari.oz.au!news.Hawaii.Edu!ames!agate!howland.reston.ans.net!usc!rpi!ghost.dsi.unimi.it!serini From: serini@ghost.dsi.unimi.it (Piero Serini) Subject: chmod(1) patches Organization: Computer Science Dep. - Milan University Date: Thu, 11 Mar 1993 01:13:11 GMT Message-ID: <1993Mar11.011311.28156@ghost.dsi.unimi.it> Lines: 256 Hi all. Please find here enclosed a diff file to patch /usr/src/usr.sbin/chmod/* files: If compiled with -DONLYROOT it acts the standard mode, else allows non-root users to chown files to other users. File ownership must be the same of the caller's id, and bits s-uid and s-gid are cleared before chown cahnges file(s)' ownership. Bye Piero *** Makefile.orig Wed Mar 10 19:15:46 1993 --- Makefile Wed Mar 10 19:01:33 1993 *************** *** 1,9 **** --- 1,13 ---- # @(#)Makefile 5.4 (Berkeley) 10/26/90 + # to compile in standard mode, add -DONLYROOT to CFLAGS, and comment BINOWN and BINMODE + PROG= chown CFLAGS+=-DSUPPORT_DOT MAN1= chgrp.0 MAN8= chown.0 + BINOWN= root + BINMODE=4555 LINKS= ${BINDIR}/chown /usr/bin/chgrp .include <bsd.prog.mk> *** chgrp.1.orig Wed Mar 10 19:15:57 1993 --- chgrp.1 Wed Mar 10 19:26:49 1993 *************** *** 79,87 **** A pathname of a file whose group ID is to be modified. .El .Pp ! The user invoking ! must belong ! to the specified group and be the owner of the file, or be the super-user. .Pp The .Nm chgrp --- 79,90 ---- A pathname of a file whose group ID is to be modified. .El .Pp ! If chown(8) is compiled in standard mode, the user invoking ! .Nm chgrp ! must belong to the specified group and be the owner of the file, ! or be the super-user, otherwise the user invoking ! .Nm chgrp ! must be the owner of the file or the super-user. .Pp The .Nm chgrp *************** *** 101,103 **** --- 104,113 ---- .Nm chgrp function is expected to be POSIX 1003.2 compatible. This manual page is derived from the POSIX 1003.2 manual page. 
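Review bot: In the Makefile hunk, `BINOWN= root` with `BINMODE=4555` installs chown setuid root, and the existing `LINKS=` line makes /usr/bin/chgrp a link to that same binary, yet only the new comment ties the install mode to the build flavour. A build that adds -DONLYROOT but leaves these two lines in place ships a setuid-root program that needs no privilege. Consider deriving both from one switch, for example wrapping the two assignments in `.if !defined(ONLYROOT)` … `.endif` and adding `CFLAGS+=-DONLYROOT` in the `.else` arm, so the standard build can never be installed setuid by oversight.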
+ .Sh AUTHORS + This version of + .Nm chgrp + is Copyright (c) 1988 Regents of the University of California. + .Pp + If not compiled in standard mode, please send all bug reports + to Piero Serini (piero@strider.st.dsi.unimi.it) *** chown.8.orig Wed Mar 10 19:16:15 1993 --- chown.8 Wed Mar 10 19:27:11 1993 *************** *** 80,87 **** If a group name is also a numeric group ID, the operand is used as a group name. .Pp ! The ownership of a file may only be altered by a super-user for ! obvious security reasons. .Pp The owner and group of symbolic links are themselves changed instead of the file to which the link points. --- 80,95 ---- If a group name is also a numeric group ID, the operand is used as a group name. .Pp ! If ! .Nm chown ! is compiled in standard mode, the ownership of a file may only be ! altered by the super-user, otherwise the user invoking ! .Nm chown ! must be the owner of the file or the super-user. ! .Pp ! For security reasons, both set-user-uid-on-execution bit and ! set-group-id-on-execution bit are cleared before the ownership ! or the group of the file(s) are changed. .Pp The owner and group of symbolic links are themselves changed instead of the file to which the link points. *************** *** 103,105 **** --- 111,120 ---- The .Nm chown command is expected to be POSIX 1003.2 compliant. + .Sh AUTHORS + This version of + .Nm chown + is Copyright (c) 1988 Regents of the University of California. + .Pp + If not compiled in standard mode, please send all bug reports + to Piero Serini (piero@strider.st.dsi.unimi.it) *** chown.c.orig Wed Mar 10 19:16:24 1993 --- chown.c Wed Mar 10 18:58:42 1993 *************** *** 31,36 **** --- 31,41 ---- * SUCH DAMAGE. 
*/ + /* + * ONLYROOT flag added by Piero Serini (piero@strider.st.dsi.unimi.it) + * Wed Mar 10 18:58:19 MET 1993 + */ + #ifndef lint char copyright[] = "@(#) Copyright (c) 1988 Regents of the University of California.\n\ *************** *** 44,49 **** --- 49,55 ---- #include <sys/param.h> #include <sys/stat.h> #include <sys/errno.h> + #include <sys/types.h> #include <dirent.h> #include <fts.h> #include <pwd.h> *************** *** 54,62 **** #include <stdlib.h> #include <string.h> ! int ischown, uid, gid, fflag, rflag, retval; char *gname, *myname; main(argc, argv) int argc; char **argv; --- 60,72 ---- #include <stdlib.h> #include <string.h> ! int ischown, fflag=0, rflag=0, retval=0; ! int uid, my_uid; ! int gid; char *gname, *myname; + int Chown(char *, int, int); + main(argc, argv) int argc; char **argv; *************** *** 67,72 **** --- 77,84 ---- register char *cp; int ch; + my_uid = getuid(); + myname = (cp = rindex(*argv, '/')) ? cp + 1 : *argv; ischown = myname[2] == 'o'; *************** *** 118,131 **** error(p->fts_path); continue; } ! if (chown(p->fts_accpath, uid, gid) && !fflag) ! chownerr(p->fts_path); } exit(retval); } while (*++argv) ! if (chown(*argv, uid, gid) && !fflag) chownerr(*argv); exit(retval); } --- 130,152 ---- error(p->fts_path); continue; } ! #ifdef ONLYROOT ! if (chown(p->fts_accpath, (int)uid, (int)gid) && !(fflag)) ! chownerr(p->fts_accpath); ! #else ! Chown(p->fts_accpath, (int)uid, (int)gid); ! #endif ONLYROOT } exit(retval); } while (*++argv) ! #ifdef ONLYROOT ! 
if (chown(*argv, (int)uid, (int)gid) && !(fflag)) chownerr(*argv); + #else + + Chown(*argv, (int)uid, (int)gid); + #endif ONLYROOT exit(retval); } *************** *** 175,180 **** --- 196,232 ---- exit(1); } } + } + + int + Chown(path, owner, group) /* as we run setuid(root), we must check */ + char *path; /* file ownership and bit(s) suid/sgid */ + int owner; + int group; + { + struct stat st; + extern int errno; + + if (stat(path, &st) == -1) { + perror(path); + exit(1); + } + + /* check for file ownership */ + if (my_uid) { + if (st.st_uid != my_uid) { + errno = EPERM; + perror(path); + return -1; + } + } + + /* clear bit s_uid and s_gid */ + if (st.st_mode & (S_ISGID | S_ISUID)) + (void) chmod(path, st.st_mode & ~(S_ISGID | S_ISUID)); + + if (chown(path, owner, group) && !fflag) + chownerr(path); } chownerr(file) -- ------------------------------------------ Piero Serini ----------- Computer Science Dept. E-mail: serini@ghost.dsi.unimi.it Univ. Statale - Milano - ITALY or: piero@strider.st.dsi.unimi.it --------------- Public Key available via finger(1) ----------------
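Review bot: In the ONLYROOT branch of the -R loop the error call changed from `chownerr(p->fts_path)` to `chownerr(p->fts_accpath)`, so the diagnostic would name the fts access path instead of the path as the user gave it; keep `chownerr(p->fts_path);`. Both `#endif ONLYROOT` lines have a bare token after the directive and should read `#endif /* ONLYROOT */`. In the two non-ONLYROOT branches the result of `Chown(...)` is discarded, so any failure has to be recorded inside Chown() itself; that holds only if chownerr() is what sets `retval`, which is not visible here. main() and the fts loop begin outside this hunk.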
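Review bot: Chown() checks ownership with `stat(path, …)` and then acts with `chmod(path, …)` and `chown(path, …)`, so while the binary runs setuid root the three calls can resolve the same name to different objects. stat() also follows symbolic links, although chown.8 says the link itself is changed. Bind the check and both changes to one open descriptor (lstat, open, fstat with a device/inode comparison, then fchmod and fchown), as sketched below; the sketch refuses symbolic links outright. The same rewrite returns a value on the success path, stops ignoring a failed chmod, and reports a failed stat through the -f-aware error path instead of `exit(1)`, which today aborts the remaining arguments. Separately, nothing in this hunk limits the target owner or group for a non-root caller; please confirm that this is intended.

```c
int
Chown(path, owner, group)
	char *path;
	int owner;
	int group;
{
	struct stat before, st;
	int fd, saved;

	/* lstat() describes the name itself, so a link is never followed. */
	if (lstat(path, &before) == -1)
		goto fail;
	if (S_ISLNK(before.st_mode)) {
		errno = EPERM;
		goto fail;
	}
	if ((fd = open(path, O_RDONLY | O_NONBLOCK)) == -1)
		goto fail;

	/* From here on every check and change goes through fd, not path. */
	if (fstat(fd, &st) == -1)
		goto fail_close;
	if (st.st_dev != before.st_dev || st.st_ino != before.st_ino ||
	    (my_uid != 0 && st.st_uid != my_uid)) {
		errno = EPERM;
		goto fail_close;
	}

	/* Clear set-id bits first; a failure here must stop the chown. */
	if ((st.st_mode & (S_ISGID | S_ISUID)) &&
	    fchmod(fd, st.st_mode & ~(S_ISGID | S_ISUID)) == -1)
		goto fail_close;
	if (fchown(fd, owner, group) == -1)
		goto fail_close;

	(void) close(fd);
	return 0;

fail_close:
	saved = errno;		/* close() may overwrite errno */
	(void) close(fd);
	errno = saved;
fail:
	if (!fflag)
		chownerr(path);	/* presumably reports errno; defined outside the hunk */
	return -1;
}
```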