Re: Prevent chown to remove the setuid bit

To: debian-user@lists.debian.org
Subject: Re: Prevent chown to remove the setuid bit
From: Andy Smith <andy@strugglers.net>
Date: Wed, 26 Nov 2025 23:13:40 +0000
Message-id: <[🔎] aSeJpHWsqIL4tBRI@mail.bitfolk.com>
In-reply-to: <[🔎] 2818a6b8-7ff2-4df3-a9c5-f62a65437f5d@gmail.com>
References: <[🔎] 2818a6b8-7ff2-4df3-a9c5-f62a65437f5d@gmail.com>

Hi,

On Wed, Nov 26, 2025 at 08:39:43PM +0100, Franco Martelli wrote:
> Is it possible to change the group owner keeping the permissions of the file
> in its place?

I don't think so because it's the kernel that's enforcing this in the
system call. On user or group change it's clearing setuid, setgid and
all capabilities.

Is there a reason why you can't read the setuid/setgid bits before and
restore them after?

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Reply to:

Follow-Ups:
- Re: Prevent chown to remove the setuid bit
  - From: Franco Martelli <martellif67@gmail.com>

References:
- Prevent chown to remove the setuid bit
  - From: Franco Martelli <martellif67@gmail.com>

Prev by Date: Re: awk or sed program to convert mbox files to HTML
Next by Date: Re: cron.weekly failure after upgrade bookworm -> trixie
Previous by thread: Prevent chown to remove the setuid bit
Next by thread: Re: Prevent chown to remove the setuid bit
Index(es):
- Date
- Thread