COMMAND

    kernel

SYSTEMS AFFECTED

    SCO

PROBLEM

    Fabio Pietrosanti  posted following.   Note that  this is  feature
    and not  bug.   If you  copy a  file using  cp -p it preserve also
    ownership of the file.  How  should this appens?  If you  are user
    test how could  you write a  file with bin  permission?  Suid  cp?
    Look here...

        #### Sco OpenServer ####
        
        $ uname -a
        SCO_SV ibis2 3.2 5.0.5 i386
        $ id
        uid=209(test) gid=50(group) groups=50(group)
        $ cp -p /etc/passwd /tmp/test1
        $ ls -al /tmp/test1
        -rw-rw-r--   1 bin      auth        1208 Jan 31 15:18 /tmp/test1
        $ ls -al /etc/passwd
        -rw-rw-r--   1 bin      auth        1208 Jan 31 15:18 /etc/passwd
        $ ls -al /bin/cp
        lrwxrwxrwx   1 root     root          30 Dec 15  1999 /bin/cp ->
        /opt/K/SCO/Unix/5.0.5Eb/bin/cp
        $ ls -al /opt/K/SCO/Unix/5.0.5Eb/bin/cp
        -rwx--x--x   1 bin      bin        35860 Jul 28  1998
        /opt/K/SCO/Unix/5.0.5Eb/bin/cp
        $ cp /etc/passwd /tmp/test2
        $ ls -al /tmp/test2
        -rw-r--r--   1 test     group       1208 Jul 20 13:16 /tmp/test2
        
        
        
        #### Linux ####
        
        naif:~$ uname -a
        Linux naif 2.2.16 #2 Tue Jul 4 18:34:31 CEST 2000 i686 unknown
        naif:~$ cp -p /etc/passwd /tmp/test1
        naif:~$ ls -al /tmp/test1
        -rw-r--r--   1 naif     users         420 Jul 13 15:12 /tmp/test1
        naif:~$ cp /etc/passwd /tmp/test2
        naif:~$ ls -al /tmp/test2
        -rw-r--r--   1 naif     users         420 Jul 20 13:24 /tmp/test2
        naif:~$ ls -al /bin/cp
        -rwxr-xr-x   1 root     bin         27188 Jun 21 10:31 /bin/cp*

SOLUTION

    Ancient history.   On OSes derived  from UNIX System  V (including
    SCO), unprivileged users  can give away  ownership of their  files
    using  the  chown()  system  call  (which  is exactly what "cp -p"
    does).   When you  give away  ownership, it  clears the setuid and
    setgid bits  (if either  was set)  to avoid  the obvious  security
    risk.  BSD-derived systems don't allow giving away file  ownership
    unless you're a privileged user.

    This was described in the POSIX standard as an optional  behavior,
    to allow both the System V behavior that you described, as well as
    the BSD behavior which is what Linux seems to implement.

    In other words, this is a feature, not a bug.