3

I'm user1 and I created the user.file file, so I'm the owner of this file. I would like to change the owner of this file with the chown command as follows:

$ chown user2 test.file
chown: changing ownership of 'test.file': Operation not permitted

If I'm logged in as root, the command works perfectly. Why can't I change the ownership when logged in as the file owner?

Michael Mrozek
dubis

1 Answer

6

You are correct - only the root user can change ownership on files. This is to prevent a simple attack vector whereby an individual sets the suid bit on a shell executable, then makes root the owner of that executable, then runs the executable gaining root access.

John
    If you're on a Red Hat derivative, then things might get confusing, as some operations on files can't be performed even by root because of SELinux. Therefore, if chown refuses to change ownership, run sudo setenforce 0 before it, do the change, then setenforce 1, and then don't forget about restorecon -R on the files. – user283885 Dec 13 '15 at 22:07
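
The restriction described in the answer above can be observed directly. This probe is an added example, not code from the question or the answer: it marks a scratch file set-uid, tries to hand it to another UID, and reports whether the kernel refused or, where the caller is privileged, whether the set-uid bit survived the ownership change (on Linux it is cleared). The function names and the target UIDs 0 and 65534 are assumptions chosen only so the target differs from the caller.

```shell
#!/bin/sh
# Added example: probe how the kernel treats a "give away" of a set-uid file.
# Function names and target UIDs (0, 65534) are assumptions for illustration.

# Print the numeric owner UID of a file (POSIX ls, no GNU stat needed).
owner_uid() {
    ls -ln "$1" | awk '{print $3}'
}

# Outcomes printed by giveaway_probe:
#   denied                chown refused; the file is still ours
#   changed-suid-cleared  chown succeeded and the set-uid bit was dropped
#   changed-suid-kept     chown succeeded and the set-uid bit survived
#   setup-failed          the scratch file could not be prepared
giveaway_probe() {
    me=$(id -u)
    # Pick a target UID that is not the caller.
    if [ "$me" -eq 0 ]; then target=65534; else target=0; fi

    f=$(mktemp) || { echo setup-failed; return 0; }
    printf '#!/bin/sh\nid\n' > "$f"
    chmod 4755 "$f"                     # owner may set set-uid on own file
    if [ ! -u "$f" ]; then rm -f "$f"; echo setup-failed; return 0; fi

    if chown "$target" "$f" 2>/dev/null &&
       [ "$(owner_uid "$f")" = "$target" ]; then
        if [ -u "$f" ]; then
            result=changed-suid-kept
        else
            result=changed-suid-cleared
        fi
    else
        result=denied                   # EPERM for an unprivileged caller
    fi
    rm -f "$f"
    echo "$result"
}

giveaway_probe
```

Run as an ordinary user, the probe prints `denied`, which is the same refusal the question shows for `chown user2 test.file`.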