Prevent Solaris users from changing file ownership (chown)

Contributor Icon Contributed by qmchenry Date Icon July 5, 2004  
Tag Icon Tagged: Solaris security

Users are typically able to change the owner of a file that they own. If you consider this a security risk or would like to prevent users from doing this for other reasons, follow the instructions in this recipe.


To prevent users from changing the ownership of their files, add the following line (or change the line if it already exists) in /etc/system:

set rstchown=0

A reboot of the system is required to make the settings take effect. Be careful when editing the /etc/system file as errors in the file can prevent a successful boot. Making a backup of the /etc/system file before making changes can save massive amounts of effort. See this recipe for details.

To allow users to change their file ownership, use the following line in /etc/system:

set rstchown=1

Previous recipe | Next recipe |
 

 
close Reblog this comment
Powered by Disqus · Learn more
blog comments powered by Disqus