>>>> [...make chown setuid-root...] >>> Only in a very trusting environment, where you don't mind if users >>> chown files they dont own to themselves.... >> Of course you'd wrap it up or write your own little chown utility >> before you made it suid :) > You'd introduce a race condition with a wrapper. If you wrote your > own chown command, you could do it securely, using fchown.. But that would work only for things for which open() performs no nontrivial operations; in particular, you couldn't use it to chown device special files (probably not too much of a problem) or named pipes (perhaps more of a problem) or UNIX-domain sockets (because they can't be open()ed at all). The more I think about this, the more I think it has to be in the kernel if you want it at all. Or else you just have to live with the race condition, which in the case of chown is probably not very severe. der Mouse mouse@collatz.mcrcim.mcgill.edu