diff options
| author | Jason McIntyre <jmc@cvs.openbsd.org> | 2005-03-16 20:31:09 +0000 |
|---|---|---|
| committer | Jason McIntyre <jmc@cvs.openbsd.org> | 2005-03-16 20:31:09 +0000 |
| commit | 6f5beb807676037a8c5d887594a665a71f43e8bc (patch) | |
| tree | 3d5a44c40a2c08bd3a0a5a6248e774daddbe44eb /bin/chmod | |
| parent | 741a3548d025fa222114759fb3d8d1b0247f29aa (diff) | |
chown(8): mention that this utility clears setuid/setgid bits by default;
from stuart henderson (pr #4149);
chown(2)/chown(8): mention that sysctl variable fs.posix.setuid=0
overrides this behaviour;
from millert and otto;
ok deraadt@ otto@ millert@
Diffstat (limited to 'bin/chmod')
| -rw-r--r-- | bin/chmod/chown.8 | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/bin/chmod/chown.8 b/bin/chmod/chown.8 index 79419ccb162..9c8cb909405 100644 --- a/bin/chmod/chown.8 +++ b/bin/chmod/chown.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: chown.8,v 1.6 2004/02/14 18:14:14 jmc Exp $ +.\" $OpenBSD: chown.8,v 1.7 2005/03/16 20:31:08 jmc Exp $ .\" .\" Copyright (c) 1990, 1991, 1993, 1994 .\" The Regents of the University of California. All rights reserved. @@ -121,6 +121,17 @@ may be either a numeric group ID or a group name. If a group name is also a numeric group ID, the operand is used as a group name. .Pp +By default, +.Nm +clears the set-user-ID and set-group-ID bits on the file +to prevent accidental or mischievous creation of +set-user-ID and set-group-ID programs. +This behaviour can be overridden by setting the +.Xr sysctl 8 +variable +.Va fs.posix.suid +to zero. +.Pp Only the superuser is permitted to change the owner of a file. .Pp The |