[TUHS] History of chown semantics
Tim Bradshaw
tfb at tfeb.org
Mon Jan 13 20:37:25 AEST 2014
I think that this is off-topic now, so I won't respond further in this thread.
> Which is to say, the file owner is irrelevant to the quota system, only
> the pathname matters.
Indeed, *because that's the only way you can do it without quotas*, which was my whole point.
> Again, how can any of this be corrupted by free chown-ing?
For instance imagine I want to pass some customer data to which I have access to you, who con't have access, for purposes of malice. I know that leaving a world-readable file will be spotted. So I put them in a file which is 600 in /tmp, and chown it to you. Not only can't this be easily spotted without system-call auditing (which people generally do not do), but if it is spotted it looks like it's your fault since you own the file. File ownership does matter.
More information about the TUHS
mailing list