Bug 487582
Summary: | Root chown of file does not preserve setuid bit | | |
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Victor Gregorio <contactvictorg> |
Component: | coreutils | Assignee: | Ondrej Vasik <ovasik> |
Status: | CLOSED NOTABUG | QA Contact: | BaseOS QE <qe-baseos-auto> |
Severity: | medium | Priority: | low |
Version: | 5.2 | CC: | tim.w.connors |
Target Milestone: | rc | Doc Type: | Bug Fix |
Hardware: | All | OS: | Linux |
Last Closed: | 2009-03-03 14:26:39 UTC | | |
Description
Victor Gregorio
2009-02-26 20:15:57 UTC
Thanks for the report. I agree it is somewhat tricky behaviour, but as said in upstream NEWS 5.3.0 (between RHEL-4 and RHEL-5): "Do not optimize away the chown() system call when the file's owner and group already have the desired value. This optimization was incorrect, as it failed to update the last-changed time and reset special permission bits, as POSIX requires."

POSIX formulation (http://www.opengroup.org/onlinepubs/000095399/utilities/chown.html): "Unless chown is invoked by a process with appropriate privileges, the set-user-ID and set-group-ID bits of a regular file shall be cleared upon successful completion; the set-user-ID and set-group-ID bits of other file types may be cleared."

As no change is a successful completion, it looks like POSIX requires it. Therefore I would call it NOTABUG and an intentional change, as we should be as POSIX compliant as possible. Closing NOTABUG.

You missed the first part of that clause though, Ondrej: "Unless chown is invoked by a process with appropriate privileges". I believe root has appropriate privileges. I suspect that clause is not in support of the change made in the 2.6 kernel. There may be other clauses, but not this one. I believe this is still a bug.
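The behaviour discussed in this report can be checked directly against the chown() system call. The following is an added example, not code from the bug report or from coreutils. It assumes Linux, where the kernel clears the set-user-ID bit of a regular file on chown() whether or not the caller is privileged; the function names and the temporary files are constructed for illustration.

```python
import os
import stat
import tempfile


def _mode(path):
    """Permission bits of path, including set-user-ID / set-group-ID."""
    return stat.S_IMODE(os.stat(path).st_mode)


def chown_same_owner(mode=0o4755):
    """Return (mode_before, mode_after) around a chown() that changes nothing."""
    fd, path = tempfile.mkstemp()  # constructed sample file
    os.close(fd)
    try:
        os.chmod(path, mode)
        before = _mode(path)
        st = os.stat(path)
        # Same owner and group as before: the call coreutils used to skip.
        os.chown(path, st.st_uid, st.st_gid)
        return before, _mode(path)
    finally:
        os.unlink(path)


def install_with_mode(path, uid, gid, mode):
    """Set ownership first and the mode last, then verify the result."""
    os.chown(path, uid, gid)
    os.chmod(path, mode)  # special bits are applied after chown()
    final = _mode(path)
    if final != mode:
        raise RuntimeError(f"{path}: expected {mode:o}, got {final:o}")
    return final


def install_demo(mode=0o4755):
    """Run install_with_mode() on a constructed file owned by the caller."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        st = os.stat(path)
        return install_with_mode(path, st.st_uid, st.st_gid, mode)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    before, after = chown_same_owner()
    print(f"chown to same owner: {before:o} -> {after:o}")
    print(f"chown then chmod:    {install_demo():o}")
```

Scripts that set ownership on set-user-ID files need the chown-then-chmod order shown in `install_with_mode`, since a later chown, even a no-op one, drops the bit again.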