[TUHS] History of chown semantics

John Cowan cowan at mercury.ccil.org
Tue Jan 14 04:16:35 AEST 2014

SZIGETI Szabolcs scripsit:

> Well, with the same reasoning, we don't need passwords or protection
> bits on files, since I can always take a piece of steel pipe and beat
> the owner, until he gives out the data, so why bother?

More like beating my argument with a pipe than the owner.

> Blocking chown for general users is one level of several controls. 

Its specific purpose was to make per-user quotas practical, but since
per-user quotas are as dead as the dodo, it no longer serves any known
purpose.  Yes, it blocks a particularly crude substitute for MAC in the
now-unusual case of true timesharing as opposed to single-user clients
and single-purpose servers.  But really it is nothing but security by
ceremonial.  A better case could be made that it should require root
privilege to perform chmod, or at least any chmod that widens access.

You are a child of the universe no less         John Cowan
than the trees and all other acyclic            http://www.ccil.org/~cowan
graphs; you have a right to be here.            cowan at ccil.org
  --DeXiderata by Sean McGrath

More information about the TUHS mailing list