non-superuser chown(2)s considered harmful
Tom Christiansen
tchrist at convex.COM
Sun Dec 9 14:37:29 AEST 1990
In article <660691624.18045 at mindcraft.com> karish at mindcraft.com (Chuck Karish) writes:
>The tar and cpio utilities on systems with privileged chown() should
>restore files and directories with the extractor's ID as owner, unless
>done with superuser privileges.
Yes, but what happens where chown is not privileged?
% mkdir foo
% touch foo/bar
% chown somebody_else foo/bar foo
Now how do I get rid of that stuff?
>How should permissions be set on extraction from an archive? Should
>setuid bits be honored?
I tend to prefer them to be maintained, even if it does seem to
invite mischief. It makes it hard to copy directories around
otherwise. I once tried to disable this and found it sure broke
a lot of things.
--tom
--
Tom Christiansen tchrist at convex.com convex!tchrist
"With a kernel dive, all things are possible, but it sure makes it hard
to look at yourself in the mirror the next morning." -me
More information about the Comp.unix.internals
mailing list