Prevent Solaris Users from Changing File Ownership (chown)

Posted July 5, 2004 by Quinn McHenry in Solaris security

Solaris users are typically able to change the owner of a file that they own. If you consider this a security risk or would like to prevent users from doing this for other reasons, follow the instructions in this tutorial.


To prevent users from changing the ownership of their files, add the following line (or change the line if it already exists) in /etc/system:

set rstchown=0

A reboot of the system is required to make the settings take effect. Be careful when editing the /etc/system file as errors in the file can prevent a successful boot. Making a backup of the /etc/system file before making changes can save massive amounts of effort. See this tech recipe for details.

To allow users to change their file ownership, use the following line in /etc/system:

set rstchown=1

 

About Quinn McHenry

Quinn was one of the original co-founders of Tech-Recipes. He is currently crafting iOS applications as a senior developer at Small Planet Digital in Brooklyn, New York.
View more articles by Quinn McHenry

The Conversation

Follow the reactions below and share your own thoughts.