non-superuser chown(2)s considered harmful
Chuck Karish
karish at mindcraft.com
Sun Dec 9 08:27:03 AEST 1990
In article <110064 at convex.convex.com> tchrist at convex.COM
(Tom Christiansen) writes:
>As was pointed out to me by Dick Dunn <rcd at ico.isc.com>, there's also the
>problem of being able to create files you can't get rid of or touch
>without superuser intervention. A tar or cpio extract of directories
>containing files owned by another user will create this scenario. Once
>the directory is owned by someone else, you can't change it back, so you
>can't delete the files, and you can't delete the directory because it's not
>empty.
The tar and cpio utilities on systems with privileged chown() should
restore files and directories with the extractor's ID as owner, unless
done with superuser privileges. Many tar implementations don't store
directories anyway, so the directories are created as needed on
extraction and are owned by the current user.
How should permissions be set on extraction from an archive? Should
setuid bits be honored?
--
Chuck Karish karish at mindcraft.com
Mindcraft, Inc. (415) 323-9000
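
The ownership rule described in the reply above, sketched as an added example that is not part of the original post or of any tar or cpio implementation: an unprivileged extractor keeps ownership of what it creates, and only the superuser restores the archived owner. The function names, the constructed archive (uid 4242) and the choice to drop setuid/setgid bits for unprivileged extraction are assumptions of this example; the post itself leaves the setuid question open.

```python
import io, os, stat, tarfile, tempfile

def build_sample_archive():
    """Constructed sample: a directory and a setuid file recorded as owned by uid 4242."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        d = tarfile.TarInfo("proj")
        d.type, d.mode, d.uid, d.gid = tarfile.DIRTYPE, 0o755, 4242, 4242
        tar.addfile(d)
        data = b"#!/bin/sh\necho hi\n"
        f = tarfile.TarInfo("proj/tool")
        f.size, f.mode, f.uid, f.gid = len(data), 0o4755, 4242, 4242
        tar.addfile(f, io.BytesIO(data))
    return buf.getvalue()

def restore_plan(member, euid, egid):
    """Return the (uid, gid, mode) to apply to one extracted member."""
    mode = member.mode & 0o7777
    if euid == 0:
        return member.uid, member.gid, mode  # superuser: restore as archived
    # Unprivileged: the extractor owns the result. Dropping setuid/setgid here is
    # this example's assumption; the post leaves that question open.
    return euid, egid, mode & ~(stat.S_ISUID | stat.S_ISGID)

def extract(archive_bytes, dest, euid=None, egid=None):
    """Extract into dest and return {name: (uid, gid, mode)} as planned per member."""
    euid = os.geteuid() if euid is None else euid
    egid = os.getegid() if egid is None else egid
    applied = {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as tar:
        for m in tar:
            if m.name.startswith("/") or ".." in m.name.split("/"):
                raise ValueError("unsafe member name: " + m.name)
            path = os.path.join(dest, m.name)
            if m.isdir():
                os.makedirs(path, exist_ok=True)
            elif m.isreg():
                with open(path, "wb") as out:
                    out.write(tar.extractfile(m).read())
            else:
                continue  # links and device nodes are out of scope here
            uid, gid, mode = restore_plan(m, euid, egid)
            if euid == 0:
                os.chown(path, uid, gid)  # before chmod: chown may clear setuid
            os.chmod(path, mode)
            applied[m.name] = (uid, gid, mode)
    return applied

if __name__ == "__main__":
    print(extract(build_sample_archive(), tempfile.mkdtemp()))
```

Because an unprivileged run never calls chown, the directory and its contents stay removable by the user who extracted them, which avoids the stuck-file scenario in the quoted article.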