Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Security user Can't change the groups.
Operating Systems AIX Security user Can't change the groups. Post 302315833 by zaxxon on Wednesday 13th of May 2009 10:24:21 AM
Old 05-13-2009
For security reasons only root can use chown and chgrp. Else you could write a program with malicious code, chown/chgrp it to somebody else, maybe root or whoever and try to get it executed by those. So no chown/chgrp for normal users. I have no appropriate line from IBM at hand, but usually it is on many types of systems like this.

From Sun Admin documentation for example:
Quote:
Restrictions


On most systems, the use of the chown and chgrp commands is restricted for non-privileged users. If you are not the administrator of the system, you can not change user nor group ownerships for security reasons. If the usage of these commands would not be restricted, malicious users could assign ownership of files to other users and/or groups and change behavior of those users' environments and even cause damage to other users' files.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

dynamic user groups

Is it possible to dynamically allocate a new user group to an existing session on Solaris 5.8 I'd like to be able to allow certain users to access a set of scripts for the life of session (preferably there own session not a specific login created for the purpose) by dynamically giving the session... (0 Replies)
Discussion started by: hammer
0 Replies

2. UNIX for Dummies Questions & Answers

Adding user to groups

How do I add a user to a group? And how do I determine the list of groups to add a user? Solaris 10 newbie (1 Reply)
Discussion started by: peteythapitbull
1 Replies

3. UNIX for Dummies Questions & Answers

User groups

Hi I have a user zak and 4 groups:- oracle stats data archive I want user zak to be part of the oracle and stats group but not be able to view,list anything in data and archive. Also anyone in the data and archive group should not be able to view,list anything in oracle and stats....... (3 Replies)
Discussion started by: Zak
3 Replies

4. UNIX for Advanced & Expert Users

How to remove UNIX user and groups

I created UNIX groups - oinstall, dba and UNIX user - oracle for the installation of Oracle 10g. But I might did something incorrectly. Oracle user account didn't created properly. How to remove these UNIX groups and user so that I can start over again to create them properly. Thanks. (7 Replies)
Discussion started by: duke0001
7 Replies

5. Solaris

Setting user groups

Hi......... I'm trying to set a group of users to login to do a required super-user tasks without knowing the super-user passwd. For example...a user popodude logs in as self with passwd..system accepts the password & then automatically asks for the super-user account passwd. My goal is... (1 Reply)
Discussion started by: Remi
1 Replies

6. AIX

user & groups

1 - what is the maximum no: of groups a user can be a part of ? 2 - what is maximum no: of users a group can contain ? (6 Replies)
Discussion started by: senmak
6 Replies

7. UNIX for Dummies Questions & Answers

How to add user to multiple groups

hi all i am new to solaris how to add a user to multiple(secondary) groups. user :anna Groups : delhi ,mumbai,pune i need like this in cat /etc/group delhi::anna mumbai::anna pune::anna i tried using usermod -a -G hyd anna that does int work how to delete user from group... (3 Replies)
Discussion started by: kalyankalyan
3 Replies

8. AIX

Nested user groups

Is there a command to nest a group in another group in AIX. (2 Replies)
Discussion started by: daveisme
2 Replies

9. UNIX for Advanced & Expert Users

How to get User list from different groups and root?

Hi all, I want to list out users from different group and root, who are roaming in our group or root as a user. how can i list out this users ? (1 Reply)
Discussion started by: kpatel97
1 Replies

10. HP-UX

Creating user groups that are persistent

Hi, I need to modify the user 'munfai' by adding it into groups bscs, oinstall, dba. I use this command as user root to add the user into the mentioned groups : # usermod -G bscs,oinstall,dba munfai I can thereafter see the id in the groups : # id munfai uid=258(munfai) gid=20(users)... (2 Replies)
Discussion started by: anaigini45
2 Replies

LEARN ABOUT ULTRIX

chown

chown(8)						      System Manager's Manual							  chown(8)

Name
       chown - change owner and, optionally, group

Syntax
       /etc/chown [ -fR ] owner[.group] file...

Description
       The  command  changes  the owner and, optionally, group for one or more files and directories.  The value for file can be a full or partial
       path.  The value for owner can be either a decimal UID or a login name found in the password file.  The value for group	can  be  either  a
       decimal GID or a group name found in the group file.

       Only  the  superuser  can change the ownership of a file.  The superuser can also change the group of a file.  The owner of a file can only
       change the group, but the owner must be a member of any group specified.

Options
       -f   Inhibits display of errors that are returned when cannot change the owner or group of the specified files.

       -R   Causes to recursively descend any directories subordinate to file and to set the owner, group, or  both  for  each	file  encountered.
	    When  symbolic  links  are encountered, changes the owner and group for the link file itself but does not traverse the path associated
	    with the link.  The option is useful only when file is a directory that is not empty.

Examples
       Change the owner of to ecbell:
       /etc/chown ecbell myfile

       Change the owner of to craig and group of to admin:
       /etc/chown craig.admin myfile

       Change the owner to richart and group to eng for the directories and and for all files and directories on any levels subordinate to and
       /etc/chown -R richart.eng projecta projectb

Files
       See Also
	      chgrp(1), chown(2), group(5), group(5yp), passwd(5), passwd(5yp)

																	  chown(8)
All times are GMT -4. The time now is 07:58 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy