[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: sources file permissions
From: |
Sergey Zhitomirsky |
Subject: |
Re: sources file permissions |
Date: |
Sat, 11 Nov 2000 04:48:14 +0300 |
Sorry , was too busy for two days , so
just rechecked again - when I extract under user , all the files and
directories
receive the user's ownership - like you say , and directories are in 775 mode
files 664 (my umask is 002) , so everything is perfect.
but when I extract under root - they all extracts with user 506 , group 506
ownership ,
with mode 777 on directories and 664 for files ( meanwhile umask=027 !)
I think this is incorrect behaviour , this is unsecure , because when
it is exctracted under public readable (755) directory by root :
1) User 506 in the system can change everything in sources.
2) The mode "write for all" is unsecure - any user can delete files under
parted directory
and insert his own files. ( when parted directory is under public
accessable directory)
May be really "make dist" should chown everything to root.root , and remove
"write for all"
permissions both from files and directories.
It would be nice. May be you would forward this to them ?
Best regards,
Sergey.
P.S. I don't have alias for tar ;
#type tar
tar is /bin/tar
#rpm -q tar
tar-1.13.17-3
- Re: sources file permissions,
Sergey Zhitomirsky <=