Bug 123263

Summary: /bin/chown sets ownership of link instead of link target
Product: [Fedora] Fedora Reporter: Mukund <muks>
Component: coreutilsAssignee: Tim Waugh <twaugh>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 1Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: 5.2.1-9 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-05-18 07:56:07 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Mukund 2004-05-14 18:44:50 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1)
Gecko/20031114

Description of problem:
This bug has been reported on bugtraq. It is a significant issue.

http://www.securityfocus.com/archive/1/363335/2004-05-11/2004-05-17/0

The summary should describe what the bug is. The following is an
example shell session showing it:

----

[root@brush zz]# id
uid=0(root) gid=0(root)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
[root@brush zz]# touch one
[root@brush zz]# ls -l one
-rw-r--r--  1 root root 0 May 14 23:34 one
[root@brush zz]# ln -s one two
[root@brush zz]# ls -l
total 0
-rw-r--r--  1 root root 0 May 14 23:34 one
lrwxrwxrwx  1 root root 3 May 14 23:34 two -> one
[root@brush zz]# chmod u+s two
[root@brush zz]# ls -l
total 0
-rwSr--r--  1 root root 0 May 14 23:34 one
lrwxrwxrwx  1 root root 3 May 14 23:34 two -> one
[root@brush zz]# chown mysql two
[root@brush zz]# ls -l
total 0
-rwSr--r--  1 root  root 0 May 14 23:34 one
lrwxrwxrwx  1 mysql root 3 May 14 23:34 two -> one
[root@brush zz]#

----

Here, 'one' should be both owned by user 'mysql' and with permissions
u+s, which is the expected result.



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
Please see the description.



Additional info:
Comment 1 Mukund 2004-05-14 18:49:48 EDT
I should add that this a bug because the default behaviours of
/bin/chmod and /bin/chown are different. One works on the link itself
and the other works on the link target.

chmod and chown together as paired commands are frequently used in
install scripts.

Comment 2 Mark J. Cox (Product Security) 2004-05-17 04:01:24 EDT
See http://marc.theaimsgroup.com/?t=108455463900002&r=1&w=2
for the entire thread
Comment 3 Tim Waugh 2004-05-18 07:56:07 EDT
I took the upstream patch and built 5.2.1-9 with the patch applied.