GNU bug report logs -
#52481
chown of coreutils may delete the suid of file
Previous Next
Reported by: "21625039" <21625039 <at> zju.edu.cn>
Date: Tue, 14 Dec 2021 14:53:01 UTC
Severity: normal
Tags: notabug
Done: Paul Eggert <eggert <at> cs.ucla.edu>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
On Tuesday, December 14, 2021 3:49:37 AM CET 21625039 wrote:
> I encountered a problem with chown on my fedora34 as the version of
> coreutils is 8.32.
>
>
>
> The reproduce process could see the steps blow:
>
> [root <at> fedora ~]# ll test.txt
>
> -rw-r--r--. 1 root root 0 Dec 13 21:13 test.txt
>
> [root <at> fedora ~]# chmod 4750 test.txt
>
> [root <at> fedora ~]# ll test.txt
>
> -rwsr-x---. 1 root root 0 Dec 13 21:13 test.txt
>
> [root <at> fedora ~]# chown root:root test.txt
>
> [root <at> fedora ~]# ll test.txt
>
> -rwxr-x---. 1 root root 0 Dec 13 21:13 test.txt
I believe this is already documented [1]:
"The chown command sometimes clears the set-user-ID or set-group-ID
permission bits. This behavior depends on the policy and functionality
of the underlying chown system call, which may make system-dependent
file mode modifications outside the control of the chown command."
Kamil
[1] https://www.gnu.org/software/coreutils/manual/html_node/chown-invocation.html
> [root <at> fedora ~]# rpm -qa coreutils
>
> coreutils-8.32-19.fc34.x86_64
>
> [root <at> fedora ~]# cat /etc/fedora-release
>
> Fedora release 34 (Thirty Four)
>
>
>
> Looking forward to hearing from you!
>
> Thanks.
This bug report was last modified 3 years and 151 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.