
chown: Operation not permitted


Dmitriy Chumack

Dec 3, 2007, 12:12:38 PM
Hi *

slackware 12.0
linux-2.6.22.6

I'm trying to chown my file but I get an error:

$ ls -l
-rw-r--r-- 1 dc root 6 2007-12-03 19:03 test

$ chown nobody test
chown: changing ownership of `test': Operation not permitted

From the manpage of chown(2):

"Only a privileged process (Linux: one with the CAP_CHOWN capability)
may change the owner of a file. The owner of a file may change the
group of the file to any group of which that owner is a member."

Does it mean that I can't change the owner of an arbitrary file that
belongs to me??? How can I enable CAP_CHOWN for myself by default to
be able to change the owner?

Thanks in advance

Rainer Weikusat

Dec 3, 2007, 12:27:50 PM
Dmitriy Chumack <sain...@gmail.com> writes:
> slackware 12.0
> linux-2.6.22.6
>
> I'm trying to chown my file but I get an error:
>
> $ ls -l
> -rw-r--r-- 1 dc root 6 2007-12-03 19:03 test
>
> $ chown nobody test
> chown: changing ownership of `test': Operation not permitted
>
> From the manpage of chown(2):
>
> "Only a privileged process (Linux: one with the CAP_CHOWN capability)
> may change the owner of a file. The owner of a file may change the
> group of the file to any group of which that owner is a member."
>
> Does it mean that I can't change the owner of an arbitrary file that
> belongs to me???

Yes. If users could change the ownership of files belonging to them,
they could very easily defeat per-user disk quotas.

Bill Marcum

Dec 3, 2007, 12:42:34 PM
On 2007-12-03, Dmitriy Chumack <sain...@gmail.com> wrote:
>
> "Only a privileged process (Linux: one with the CAP_CHOWN capability)
> may change the owner of a file. The owner of a file may change the
> group of the file to any group of which that owner is a member."
>
> Does it mean that I can't change the owner of an arbitrary file that
> belongs to me??? How can I enable CAP_CHOWN for myself by default to
> be able to change the owner?
>
> Thanks in advance

sudo chown

Wolfgang Draxinger

Dec 3, 2007, 2:16:02 PM
Dmitriy Chumack wrote:

> Does it mean that I can't change the owner of an arbitrary file
> that belongs to me???

Yes, that is for two main reasons:
* One could circumvent disk quotas, or exceed the disk quota of
another user.
* One could set an executable SUID/SGID and then chown root:root
thus gaining superuser privileges.

Wolfgang Draxinger
--
E-Mail address works, Jabber: hexa...@jabber.org, ICQ: 134682867

Dmitriy Chumack

Dec 3, 2007, 2:29:34 PM
On Dec 3, 9:16 pm, Wolfgang Draxinger <wdraxin...@darkstargames.de>
wrote:

> * One could set an executable SUID/SGID and then chown root:root
> thus gaining superuser privileges.

from chown(2):
"When the owner or group of an executable file are changed by a non-
superuser, the S_ISUID and S_ISGID mode bits are cleared."

so the above reason is the case
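
Added example, not part of the thread and not code from any poster: a small Linux C program that decodes the CapEff line of /proc/self/status to tell whether the calling process holds the CAP_CHOWN capability named in the quoted chown(2) text, then attempts the owner change on a scratch file. The function names, the scratch path and uid 65534 for "nobody" are assumptions.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define CAP_CHOWN_BIT 0 /* CAP_CHOWN is capability 0 in <linux/capability.h> */

/* Decode the CapEff line of /proc/<pid>/status text.
 * Returns 1 if CAP_CHOWN is effective, 0 if not, -1 if there is no CapEff line.
 * Only a match at the start of a line counts, so a process whose Name: field
 * contains "CapEff:" cannot spoof the result. */
int has_cap_chown(const char *status)
{
    const char *p = status;
    while ((p = strstr(p, "CapEff:")) != NULL) {
        if (p == status || p[-1] == '\n') {
            unsigned long long mask = strtoull(p + 7, NULL, 16);
            return (int)((mask >> CAP_CHOWN_BIT) & 1ULL);
        }
        p += 7; /* not at line start: keep searching */
    }
    return -1;
}

/* Same check for the calling process. */
int self_has_cap_chown(void)
{
    char buf[8192];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) return -1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return has_cap_chown(buf);
}

int main(void)
{
    char path[] = "/tmp/chown-demo-XXXXXX"; /* scratch file, assumed path */
    int fd = mkstemp(path);
    if (fd < 0) { perror("mkstemp"); return 1; }
    printf("CAP_CHOWN effective: %d\n", self_has_cap_chown());
    /* 65534 is an assumed uid for "nobody"; adjust for the local system. */
    if (fchown(fd, 65534, (gid_t)-1) != 0)
        perror("owner change refused");
    close(fd);
    unlink(path);
    return 0;
}
```

Run as an ordinary user it reports CAP_CHOWN as 0 and the same "Operation not permitted" error shown in the first post.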
