[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-tar] [bug #2720] (grass) tar --no-same-owner
From: |
Joerg Schilling |
Subject: |
Re: [Bug-tar] [bug #2720] (grass) tar --no-same-owner |
Date: |
Mon, 06 Dec 2004 15:55:53 +0100 |
User-agent: |
nail 11.2 8/15/04 |
Dan Jacobson <address@hidden> wrote:
> >>> How to be more secure?
> >> In ...-install.sh use tar --no-same-owner.
>
> H> Is this a portable option?
> the GNU manual doesn't go into it.
> If not then "chown -R root... tree" before creating the tar, or
> test `id -u` = 0 && "chown -R root... tree" for the user untarring, or
> something.
tar --no-same-owner is 100% nonportable.
Better to use:
o Assign to extracted files the user and group identifier of the user
running
the program rather than those on the archive.
But note that GNU tar did violate POSIX/SVSv2 for a while at this point.
Jörg
--
EMail:address@hidden (home) Jörg Schilling D-13353 Berlin
address@hidden (uni) If you don't have iso-8859-1
address@hidden (work) chars I am J"org Schilling
URL: http://www.fokus.fraunhofer.de/usr/schilling
ftp://ftp.berlios.de/pub/schily