I'm logged in as minime.

I don't understand why it doesn't allow me to chown a file that I own without su privileges. Obviously I can use sudo, but I'd like to understand why. Is it because of the www-data group?

chown minime:www-data user-functions.php

ls -lh

-rw-r--r--  1 minime minime    24K Jan  6 16:11 user-functions.php

Error:

chown: changing ownership of `user-functions.php': Operation not permitted

1 Answer

Non-privileged users (not root) cannot chown files to other user names. To use chown, a user must have the privileges of the target user. In other words, only root can give a file to another user.

As explained here (thanks @slhck):

Only processes with an effective user ID equal to the user ID of the file or with appropriate privileges may change the ownership of a file. If _POSIX_CHOWN_RESTRICTED is in effect for path:

  • Changing the user ID is restricted to processes with appropriate privileges.

  • Changing the group ID is permitted to a process with an effective user ID equal to the user ID of the file, but without appropriate privileges, if and only if owner is equal to the file's user ID or ( uid_t)-1 and group is equal either to the calling process' effective group ID or to one of its supplementary group IDs.

The rationale behind this has been nicely explained by @Gilles in this Unix & Linux answer:

The reason for this restriction is that giving away a file to another user can allow bad things to happen in uncommon, but still important situations. For example:

  • If a system has disk quotas enabled, Alice could create a world-writable file under a directory accessible only by her (so no one else could access that world-writable file in the directory), and then run chown to make that file owned by another user Bill. The file would then count under Bill's disk quota even though only Alice can use the file.
  • If Alice gives away a file to Bill, there is no trace that Bill didn't create that file. This can be a problem if the file contains illegal or otherwise compromising data.
  • Some programs require that their input file belongs to a particular user in order to authenticate a request (for example, the file contains some instructions that the program will perform on behalf of that user). This is usually not a secure design, because even if Bill created a file containing syntactically correct instructions, he might not have intended to execute them at this particular time. Nonetheless, allowing Alice to create a file with arbitrary content and have it taken as input from Bill can only make things worse.
  • Also: pubs.opengroup.org/onlinepubs/009695399/functions/chown.html
    – slhck
    Commented Jan 6, 2014 at 12:51
  • Thanks @slhck, I checked the man page and could not find an explicit mention of this; answer updated.
    – terdon
    Commented Jan 6, 2014 at 12:58
  • Great! Much clearer now... what if minime is part of the www-data group?
    – user98645
    Commented Jan 6, 2014 at 14:15
  • @SandroDzneladze nope, you need to have the same user ID as the user you want to chown to.
    – terdon
    Commented Jan 6, 2014 at 14:20
  • Well, this eliminates the possibility of JUST chowning files that I actually own. As root, a chown -R would change the owner on other files that I don't want to chown!
    – Michael
    Commented Aug 29, 2020 at 19:36
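The four cases the POSIX text above distinguishes can be checked from an ordinary shell, as an added example that is not part of the original question or answer. It assumes a POSIX sh with a coreutils-style chown, id and mktemp; the helper names (try_chown, same_owner, own_group, root_group, give_to_root, in_group) are my own, and the scratch file is created and removed by the script itself. Run it as an unprivileged user to see the "denied" results; run as root and everything is permitted because root holds the "appropriate privileges" the standard refers to.

```shell
#!/bin/sh
# Added example (not from the original post): exercise the chown cases the
# POSIX text describes on a scratch file that the calling user owns.

# try_chown SPEC: create a temp file we own, attempt `chown SPEC` on it,
# remove it again, and print "ok" if the kernel permitted the change or
# "denied" if chown reported an error (EPERM, "Operation not permitted").
# Runs in a subshell so no variables leak into the caller.
try_chown() (
    f=$(mktemp) || exit 2
    if chown "$1" "$f" 2>/dev/null; then
        result=ok
    else
        result=denied
    fi
    rm -f "$f"
    echo "$result"
)

# in_group GID: succeed if GID is our effective group or one of our
# supplementary groups (the set POSIX allows an unprivileged chgrp to use).
in_group() { id -G | tr ' ' '\n' | grep -qx "$1"; }

# Case 1: owner set to ourselves. No ownership actually changes, so the
# file's owner is allowed to do this without privilege.
same_owner()   { try_chown "$(id -un)"; }

# Case 2: owner left alone ("owner is (uid_t)-1" in the spec), group set to
# our primary group: permitted because the gid is one we belong to.
own_group()    { try_chown ":$(id -gn)"; }

# Case 3: owner left alone, group set to gid 0: permitted only if gid 0 is in
# `id -G` (or we are privileged); otherwise denied even though we own the file.
root_group()   { try_chown ":0"; }

# Case 4: give the file away to uid 0. This is the question's situation
# (chown minime:www-data is a no-op on the owner, but the same rule applies to
# any foreign uid): an unprivileged owner gets EPERM.
give_to_root() { try_chown 0; }

# Print the results when run directly. A non-root user typically sees
# ok / ok / denied / denied; root sees ok for all four.
printf 'running as uid %s\n' "$(id -u)"
printf 'owner -> self:          %s\n' "$(same_owner)"
printf 'group -> primary group: %s\n' "$(own_group)"
printf 'group -> gid 0:         %s\n' "$(root_group)"
printf 'owner -> uid 0:         %s\n' "$(give_to_root)"
```

The same rule is why adding minime to www-data would not change the outcome of the original command: group membership only widens the set of groups an owner may chgrp to, while the owner field can only be changed by a process with appropriate privileges, which on Linux means CAP_CHOWN.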
