Taking file ownership when file and directory are readable/writable


Solution 1

Yes, vim will remove the original file and create a new one to put the new content in.

Your cp && mv -f is the way to go.

Note that when the t bit is set on the directory, as it is in your case, it's not enough to have write permission to the directory; you also need to be the owner of the file or the directory (as you are).

Solution 2

Only root can change the owner of a file. Without involving root, all you can do is delete the file and create or rename a different file with that name.

If you were allowed to appropriate the file, this would be a security hole. For example, the user someone could open the file, then verify its ownership and permissions (by calling fstat on the open file handle), and conclude that only a program running as someone could have produced this data. If you were able to appropriate the file, you could then change its content against someone's wishes.
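Added example (not part of the original answers): a Python sketch of what the `cp && mv -f` replacement does from the point of view of a process that already holds the file open and checks it with fstat. It runs as a single user in a temporary directory, so the uid does not change here; the inode numbers show that the path now names a different file while the open descriptor still refers to the untouched original. The helper name `replace_by_copy` and the `.tmp` suffix are assumptions made for the illustration.

```python
import os
import shutil
import tempfile


def replace_by_copy(path):
    """Equivalent of `cp f tmp && mv -f tmp f`: copy, then rename over the original."""
    tmp = path + ".tmp"            # hypothetical temporary name
    shutil.copyfile(path, tmp)     # new inode, owned by whoever runs the copy
    os.replace(tmp, path)          # rename(2): the directory entry now points at the copy


def demo():
    workdir = tempfile.mkdtemp()   # constructed sandbox, removed at the end
    path = os.path.join(workdir, "someonesfile")
    with open(path, "w") as f:
        f.write("written by someone\n")

    # A reader opens the file and inspects it through the open descriptor.
    fd = os.open(path, os.O_RDONLY)
    try:
        before = os.fstat(fd)
        replace_by_copy(path)
        with open(path, "a") as f:             # modify the replacement via its path
            f.write("appended after replacement\n")
        after_fd = os.fstat(fd)                # what the reader still sees
        after_path = os.stat(path)             # what the name refers to now
        data_via_fd = os.read(fd, 4096).decode()
    finally:
        os.close(fd)
        shutil.rmtree(workdir)

    return {
        "fd_same_inode": (before.st_dev, before.st_ino) == (after_fd.st_dev, after_fd.st_ino),
        "path_new_inode": after_path.st_ino != before.st_ino,
        "fd_owner_unchanged": after_fd.st_uid == before.st_uid,
        "data_via_fd": data_via_fd,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

In the question's setup the replacement inode would be owned by me, while a descriptor opened earlier would keep reporting someone as owner and keep returning someone's data.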


Author: Sampo Sarrala - codidact.org

Updated on September 18, 2022

Comments

  • Sampo Sarrala - codidact.org almost 2 years

    I got some files in a directory:

    drwxrws-wt 2 me      mygroup  4,0K 10.1. 12:34 .
    -rw-r----- 1 someone mygroup  10G  10.1. 11:22 someonesfile
    

    me and someone are regular users without supplementary groups.

    How to take ownership of that file using me account?

    If me do:

    $ chown me someonesfile
    chown: doing bla bla bla: permission denied
    

    However me can "change" ownership by replacing file with new one:

    cp someonesfile myfile && mv -f myfile someonesfile
    

    So my main question is if there is any easier (cheaper) way to change file ownership in described environment without using root account or other privilege elevations. Basically I wanted to know if me can somehow take advantage of directory permissions to somehow reset ownership/permissions without making copy of whole file.

    I've also noticed that editing the file with vim and forcing overwrite with :w! will change the owner of the file; is that the same as doing cp && mv? At least touch someonesfile will fail with permission denied.

  • Stéphane Chazelas about 10 years
    Some systems allow you to give away files you own to other users though. That was the case on HPUX the last time I used it (years ago, it may have changed since) for instance and was the case in SysIII and SysV according to the chown() POSIX spec.
  • steady rain almost 8 years
    @Gilles However, he's doing chown me someonesfile, i.e. trying to take the file from someone to the current user, instead of doing chown someone myfile, i.e. trying to "transfer" the ownership as in your example (which would have the implications given). Are there any obvious security issues taking instead of transferring the ownership?
  • Gilles 'SO- stop being evil' almost 8 years
    @steadyrain I have trouble understanding your sentence. In my answer I discuss taking the ownership. Giving away ownership (which is allowed on some Unix variants, e.g. IRIX and HP-UX) has problems too, for example it makes disk quotas ineffective (disk quota exceeded? chown my big files to someone else.).