[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-tar] [Fwd: Bug#328228: tar: CAN-2005-2541: Should warn when ext
|
From: |
Sergey Poznyakoff |
|
Subject: |
Re: [Bug-tar] [Fwd: Bug#328228: tar: CAN-2005-2541: Should warn when extracting setuid/setgid files] |
|
Date: |
Wed, 14 Sep 2005 18:07:15 +0300 |
Bdale Garbee <address@hidden> wrote:
> I would prefer to not deviate the Debian tar default behavior from
> "stock". What's your take on this?
By default, GNU tar restores all permissions if run from a root account.
This is the default behavior of all existing tar implementations that I
know of. Historically it has always been so, and the POSIX standards
do not request any special tar behavior when restoring setuid/setgid
bits.
This default behavior can be disabled by supplying --no-same-permissions
command line option.
On the other hand, GNU tar will not by default restore set-user-ID and
set-group-ID bits if run by a non-privileged account.
I do not believe this behavior raises any security concerns, at least as
far as root knows what he/she is doing.
Regards,
Sergey