In Unix and Linux, each file and directory belong to a user and a group. To allow other users to read, write, or execute them, we can change their access rights—also called permissions—using the [.inline-code]chmod[.inline-code] command. Another way to achieve this consists in directly transferring their ownership to another user or group of users using the [.inline-code]chown[.inline-code] command. However, unlike [.inline-code]chmod[.inline-code], the [.inline-code]chown[.inline-code] command is more sensitive and requires elevated privileges to be executed.
In this post, we’ll discuss why the [.inline-code]chown[.inline-code] command requires superuser privileges and what are the most common pitfalls to avoid when using it.
[#executing-chown-command-as-root-with-sudo-chown]Executing the chown command as root with [.inline-code]sudo chown[.inline-code][#executing-chown-command-as-root-with-sudo-chown]
In Linux, regular users are not allowed to change the ownership of files or directories, even if they own them.
The main reason for this security mechanism is to prevent users from acquiring or giving away files they’re not supposed to, which could end up being harmful to the system or flagged as suspicious activity.
- A user could bypass their assigned disk quota—which is the amount of space allotted to each user for file storage on a given computer—by creating a file in a directory only accessible by them, and transfer the ownership of this file to another user. This file would then count towards the disk quota of another user and not themselves.
- A user could give away a file containing illegal or compromising data to another user, without leaving a trace of who originally created it.
- A user could usurp the identity of another user and transfer the ownership of a private file to themselves.
- A user could accidentally change the ownership of a binary required by the operating system, resulting in broken commands such as [.inline-code]sudo[.inline-code].
[#using-the-sudo-command]Using the sudo command[#using-the-sudo-command]
To execute the [.inline-code]chown[.inline-code] command, a user will have to be registered on the list of sudoers, and temporarily gain elevated privileges through the use of the [.inline-code]sudo[.inline-code] command.
[#choosing-a-user-for-sudo-chown-user]Choosing a user for [.inline-code]sudo chown <user>[.inline-code][#choosing-a-user-for-sudo-chown-user]
When using [.inline-code]sudo chown[.inline-code] command, the [.inline-code]user[.inline-code] argument designates any user account registered on the system, which can be, for example, your own account (e.g. [.inline-code]johndoe[.inline-code]) or the root account.
[#using-user-identifiers]Using user identifiers UIDs[#using-user-identifiers]
One valid argument as [.inline-code]<user>[.inline-code] is a user identifier (UID). On Unix-like operating systems, each user is identified by a unique value called the UID. On most distributions, identifiers below 1000 are reserved for a special type of users called system users, which are in fact security identities used by system daemons.
Since the [.inline-code]chown[.inline-code] command allows you to either use symbolic names (e.g. foobar) or identifiers (e.g. 1001) to specify the user or group you want to transfer the ownership of a file to, you have to make sure not to mistake them with numeric permissions, such as the ones used with the [.inline-code]chmod[.inline-code] command.
For example, executing the following command will result in the target file being transferred to the user identified on the system by the UID 777.
[#avoiding-common-pitfalls]Avoiding common pitfalls[#avoiding-common-pitfalls]
The execution of the [.inline-code]chown[.inline-code] command is definitive and can be extremely harmful to the operating system if not used with caution. In this part, we’ll cover the most common pitfalls to avoid when using it.
[#transferring-ownership-to-root-user-sudo-chown-root]Transferring ownership to the root user ([.inline-code]sudo chown root[.inline-code])[#transferring-ownership-to-root-user-sudo-chown-root]
Transferring the ownership of files and directories to the root user in order to restrict their access is usually discouraged. Instead, it is better to use the [.inline-code]chmod[.inline-code] command to change their permissions.
For example, transferring the home folder of a user to the root user, will result in this user being unable to access or operate on its files anymore.
[#using-the-recursive-flag-sudo-chown-r]Using the recursive flag ([.inline-code]sudo chown -r[.inline-code])[#using-the-recursive-flag-sudo-chown-r]
The [.inline-code]chown[.inline-code] command has a handy but quite dangerous option flag [.inline-code]-R[.inline-code], that allows you to recursively change the ownership of the entries contained in a specific directory.
This command is often combined with the [.inline-code]whoami[.inline-code] command–itself executed within a subshell using the command substitution syntax [.inline-code]$(command)[.inline-code] –which allows the transfer of the targeted entries onto the user you are currently logged in as.
When using this flag, you have to be careful not to insert any undesirable spaces or typos in the path of the target directory, especially if your path starts at the root directory ([.inline-code]/[.inline-code]), as you might otherwise end up with a broken system. As a rule of thumb, it is usually discouraged to change the ownership of files that belong to the system or the root user.
For example, executing the following command will result in all the entries of the filesystem to be assigned to the [.inline-code]foobar[.inline-code] user, which will cause commands such as [.inline-code]sudo[.inline-code] to become unusable, thus preventing any user from gaining elevated privileges.