Most unix systems prevent users from “giving away” files, that is, users may only run chown if they have the target user and group privileges. Since using chown requires owning the file or being root (users can never appropriate other users’ files), only root can run chown to change a file’s owner to another user.
The reason for this restriction is that giving away a file to another user can allow bad things to happen in uncommon, but still important situations. For example:
- If a system has disk quotas enabled, Alice could create a world-writable file under a directory accessible only by her (so no one else could access that world-writable file), and then run chown to make that file owned by another user Bill. The file would then count under Bill’s disk quota even though only Alice can use the file.
- If Alice gives away a file to Bill, there is no trace that Bill didn’t create that file. This can be a problem if the file contains illegal or otherwise compromising data.
- Some programs require that their input file belongs to a particular user in order to authenticate a request (for example, the file contains some instructions that the program will perform on behalf of that user). This is usually not a secure design, because even if Bill created a file containing syntactically correct instructions, he might not have intended to execute them at this particular time. Nonetheless, allowing Alice to create a file with arbitrary content and have it taken as input from Bill can only make things worse.
On Linux, you need the CAP_CHOWN capability to chown. root is granted such. Refer to:
If you intend to give the CAP_CHOWN capability, build your code with libcap-ng or libcap as demonstrated by:
where you simply have to replace CAP_AUDIT_WRITE with CAP_CHOWN.
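To see both points above in practice (the give-away restriction and the CAP_CHOWN requirement behind it), here is an added C example that is not from any of the answers: it reads the effective capability mask from /proc/self/status (CAP_CHOWN is capability number 0 on Linux), creates a scratch file, and tries to chown it to a uid other than its own. Without CAP_CHOWN the kernel answers EPERM; the file path and the target uid 65534 are assumptions for the demo.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

#define CAP_CHOWN_BIT 0ULL  /* CAP_CHOWN is capability number 0 on Linux */

/* Parse a "CapEff:\t<hex>" line from /proc/self/status into a bitmask. */
unsigned long long parse_cap_line(const char *line) {
    const char *p = strchr(line, ':');
    if (!p) return 0;
    return strtoull(p + 1, NULL, 16);
}

/* 1 if CAP_CHOWN is in the effective set, 0 if not, -1 if /proc is unreadable. */
int has_cap_chown(void) {
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) return -1;
    char line[256];
    int result = -1;
    while (fgets(line, sizeof line, f)) {
        if (strncmp(line, "CapEff:", 7) == 0) {
            result = (int)((parse_cap_line(line) >> CAP_CHOWN_BIT) & 1ULL);
            break;
        }
    }
    fclose(f);
    return result;
}

/* Create a file we own, try to give it away to another uid, and return 0 on
 * success or the errno the kernel reported (EPERM without CAP_CHOWN). */
int try_give_away(const char *path) {
    FILE *f = fopen(path, "w");
    if (!f) return errno;
    fclose(f);
    uid_t target = (getuid() == 65534) ? 65533 : 65534; /* assumed target uid */
    int rc = (chown(path, target, (gid_t)-1) == 0) ? 0 : errno;
    unlink(path);
    return rc;
}

int main(void) {
    int cap = has_cap_chown();
    int rc = try_give_away("/tmp/giveaway-demo.tmp");
    printf("CAP_CHOWN effective: %d, chown to another uid: %s\n",
           cap, rc == 0 ? "allowed" : strerror(rc));
    return 0;
}
```

Run it as an ordinary user and as root (or with CAP_CHOWN granted as described above) to compare the two outcomes.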
You can launch the command but it will not work if you are not root. It is easy: imagine a user who could change a program's owner to the root user. He could add the setuid bit and, voilà, the guy is root!
So, the user can add the bit with chmod, but has no chance to change the owner of files.