See Why can't a normal user `chown` a file? for unrestricted access to chown is a bad idea. However, I want to implement a restricted version of this. I want to allow user adam to give files to user bobby and only allow this transfer.
Asked
Active
Viewed 163 times
2 Answers
0
I want to allow user adam to give files to user bobby and only allow this transfer.
To do this, you'd need to have a program that runs as root, makes the necessary checks and changes the owner of a given file. Running as root is easy, you can use sudo or a setuid program, getting the checking done right so that the program can't be misused, is harder.
What might work, would be to to: 1) Open the file 2) use fstat() to check its owner 3) then fchown() to change the owner.
It's necessary to go through an fd to work on the file, as access through the file name will not guarantee that the file being checked is the file that is operated on a moment later. The file could be changed in between.
Another choice would be to implement a sort of an "upload service" that would receive the files (their contents) through the network from adam, and then create completely new files for bobby from the received data.
I don't think either of these exist as ready-made tools as such, though the latter would be similar to email.
ilkkachu
- 138,973
-3
You can chmod the file to allow everyone to write to the file, then ownership becomes less relevant.
chmod 777 file lets everyone do almost anything to that file.
Mio Rin
- 3,040
sudoers. – DopeGhoti May 01 '17 at 19:08