COMMAND
kernel
SYSTEMS AFFECTED
SCO
PROBLEM
Fabio Pietrosanti posted following. Note that this is feature
and not bug. If you copy a file using cp -p it preserve also
ownership of the file. How should this appens? If you are user
test how could you write a file with bin permission? Suid cp?
Look here...
#### Sco OpenServer ####
$ uname -a
SCO_SV ibis2 3.2 5.0.5 i386
$ id
uid=209(test) gid=50(group) groups=50(group)
$ cp -p /etc/passwd /tmp/test1
$ ls -al /tmp/test1
-rw-rw-r-- 1 bin auth 1208 Jan 31 15:18 /tmp/test1
$ ls -al /etc/passwd
-rw-rw-r-- 1 bin auth 1208 Jan 31 15:18 /etc/passwd
$ ls -al /bin/cp
lrwxrwxrwx 1 root root 30 Dec 15 1999 /bin/cp ->
/opt/K/SCO/Unix/5.0.5Eb/bin/cp
$ ls -al /opt/K/SCO/Unix/5.0.5Eb/bin/cp
-rwx--x--x 1 bin bin 35860 Jul 28 1998
/opt/K/SCO/Unix/5.0.5Eb/bin/cp
$ cp /etc/passwd /tmp/test2
$ ls -al /tmp/test2
-rw-r--r-- 1 test group 1208 Jul 20 13:16 /tmp/test2
#### Linux ####
naif:~$ uname -a
Linux naif 2.2.16 #2 Tue Jul 4 18:34:31 CEST 2000 i686 unknown
naif:~$ cp -p /etc/passwd /tmp/test1
naif:~$ ls -al /tmp/test1
-rw-r--r-- 1 naif users 420 Jul 13 15:12 /tmp/test1
naif:~$ cp /etc/passwd /tmp/test2
naif:~$ ls -al /tmp/test2
-rw-r--r-- 1 naif users 420 Jul 20 13:24 /tmp/test2
naif:~$ ls -al /bin/cp
-rwxr-xr-x 1 root bin 27188 Jun 21 10:31 /bin/cp*
SOLUTION
Ancient history. On OSes derived from UNIX System V (including
SCO), unprivileged users can give away ownership of their files
using the chown() system call (which is exactly what "cp -p"
does). When you give away ownership, it clears the setuid and
setgid bits (if either was set) to avoid the obvious security
risk. BSD-derived systems don't allow giving away file ownership
unless you're a privileged user.
This was described in the POSIX standard as an optional behavior,
to allow both the System V behavior that you described, as well as
the BSD behavior which is what Linux seems to implement.
In other words, this is a feature, not a bug.