We are tried to count how many files belong to certain group. Our system
administrator told us "non-owner" can easy change file group name to
another. I have been tried several combination and never successful (only ROOT
can change file group to other name).
Does anyone know how "no-owner" can change file group name?
Thanks.
______________________________________________________________________________________________________
?????????Yahoo!??????2.0????????????? http://tw.mg0.mail.yahoo.com/dc/landing
Filipe Brandenburger
2009-May-12 19:13 UTC
[CentOS] can non-owner change file group setup?
2009/5/12 mcclnx mcc <mcclnx at yahoo.com.tw>:> Does anyone know how "no-owner" can change file group name?I believe that is not possible. What exactly are you trying to accomplish? Filipe
mcclnx mcc wrote:> > We are tried to count how many files belong to certain group. Our system > administrator told us "non-owner" can easy change file group name to > another. I have been tried several combination and never successful (only > ROOT can change file group to other name). > > Does anyone know how "no-owner" can change file group name?If the "no-owner" user has write access to the file they could copy the file to a new file name(thus getting ownership of the file), and overwriting the original file with the new file. e.g. [natea at us-cfe002:~]$ ls -l hosts -rw-r--r-- 1 root root 50 May 12 12:17 hosts [natea at us-cfe002:~]$ cp hosts hosts_new [natea at us-cfe002:~]$ ls -l hosts_new -rw-r--r-- 1 natea natea 50 May 12 12:18 hosts_new [natea at us-cfe002:~]$ mv hosts_new hosts mv: overwrite `hosts', overriding mode 0644? y [natea at us-cfe002:~]$ ls -l hosts -rw-r--r-- 1 natea natea 50 May 12 12:18 hosts [natea at us-cfe002:~]$ nate
we plan to count how many files belong to that group. For example HR or Finance. --- 09/5/12 (?)?Filipe Brandenburger <filbranden at gmail.com> ???> ???: Filipe Brandenburger <filbranden at gmail.com> > ??: Re: [CentOS] can non-owner change file group setup? > ???: "CentOS mailing list" <centos at centos.org> > ??: 2009?5?12?,?,??3:13 > 2009/5/12 mcclnx mcc <mcclnx at yahoo.com.tw>: > > Does anyone know how "no-owner" can change file group > name? > > I believe that is not possible. > > What exactly are you trying to accomplish? > > Filipe > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >______________________________________________________________________________________________________ ?????????Yahoo!??????2.0????????????? http://tw.mg0.mail.yahoo.com/dc/landing
I don't think that is true: (my login ID are member of DBA and OINSTALL group) $ ls -al total 13936 drwxrwxrwt 8 root root 4096 May 13 04:02 . drwxr-xr-x 32 root root 4096 Feb 11 15:36 .. -rwxrwxr-- 1 oracle dba 9 May 11 20:50 aabb $ chgrp oinstall aabb chgrp: changing group of `aabb': Operation not permitted --- 09/5/12 (?)?nate <centos at linuxpowered.net> ???> ???: nate <centos at linuxpowered.net> > ??: Re: [CentOS] can non-owner change file group setup? > ???: centos at centos.org > ??: 2009?5?12?,?,??5:49 > Scott Silva wrote: > > > But if you only have read access to the original file, > can you overwrite it? > > If you have write access to the directory yes you should be > able > to, if you only have read access to the directory I would > expect > not. > > nate > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >______________________________________________________________________________________________________ ?????????Yahoo!??????2.0????????????? http://tw.mg0.mail.yahoo.com/dc/landing
I don't think that is true: (my login ID are member of DBA and OINSTALL group) $ ls -al total 13936 drwxrwxrwt 8 root root 4096 May 13 04:02 . drwxr-xr-x 32 root root 4096 Feb 11 15:36 .. -rwxrwxr-- 1 oracle dba 9 May 11 20:50 aabb $ chgrp oinstall aabb chgrp: changing group of `aabb': Operation not permitted --- 09/5/12 (?)?Les Mikesell <lesmikesell at gmail.com> ???> ???: Les Mikesell <lesmikesell at gmail.com> > ??: Re: [CentOS] can non-owner change file group setup? > ???: "CentOS mailing list" <centos at centos.org> > ??: 2009?5?12?,?,??3:38 > nate wrote: > > mcclnx mcc wrote: > >> We are tried to count how many files belong to > certain group. Our system > >> administrator told us "non-owner" can easy change > file group name to > >> another.? I have been tried several > combination and never successful (only > >> ROOT can change file group to other name). > >> > >> Does anyone know how "no-owner" can change file > group name? > > > > If the "no-owner" user has write access to the file > they could > > copy the file to a new file name(thus getting > ownership of the > > file), and overwriting the original file with the new > file. > > You need write access in the directory, but only read > access to the > original file to do this. > > -- > ???Les Mikesell > ? ? lesmikesell at gmail.com > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >______________________________________________________________________________________________________ ?????????Yahoo!??????2.0????????????? http://tw.mg0.mail.yahoo.com/dc/landing
NiftyCluster Tom Mitchell
2009-May-16 04:54 UTC
[CentOS] can non-owner change file group setup?
2009/5/12 mcclnx mcc <mcclnx at yahoo.com.tw>:> > We are tried to count how many files belong to certain group. Our system administrator told us "non-owner" can easy change file group name to another. ?I have been tried several combination and never successful (only ROOT can change file group to other name). > > Does anyone know how "no-owner" can change file group name?In general this is disallowed! The reason is that in a system with quotas the common abuse tactic was to give files away to someone else yet hide them down inside your own directory. By giving files away you might never go over quota. Worse the poor other guy cannot find out why he is over quota. Some things may be possible with very open directory permissions. If directory permissions are wide open (777) is possible to take ownership of a file indirectly by making a copy then deleting the original. This is not possible on dirs where the T bit is set. $ ls -ld /tmp drwxrwxrwt 39 root root 4096 2009-05-15 21:48 /tmp Also if you are in a multi group situation you can move files between groups that you are a member of. This multi group case makes sense from the accounting point of view. -- NiftyCluster T o m M i t c h e l l