Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!yale!mintaka!bloom-beacon!eru!hagbard!sunic!mcsun!hp4nl!svin02!rcpieter
From: rcpieter@svin02.info.win.tue.nl (Tiggr)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Message-ID: <1627@svin02.info.win.tue.nl>
Date: 9 Dec 90 14:02:32 GMT
References: <658@silence.princeton.nj.us> <110064@convex.convex.com> <660691624.18045@mindcraft.com> <1990Dec9.012228.24363@mp.cs.niu.edu>
Organization: Eindhoven University of Technology, The Netherlands
Lines: 21

rickert@mp.cs.niu.edu (Neil Rickert) writes:

>In article <660691624.18045@mindcraft.com> karish@mindcraft.com (Chuck Karish) writes:
>>How should permissions be set on extraction from an archive? Should
>>setuid bits be honored?
>
> They probably should not be honored. But changing the rules to not honor
>suid bits on extraction from tar tapes sure would make life more difficult
>for vendors when they distribute new binary software releases.

The 07000 bits *should* be honoured to be able to do proper backups (as
root). If chown is a privileged call (as in BSD) normal users always
extract files with the user's userid, and root may choose to force uid=0
or to use the uids as present in the tarchive.

Using this scheme there is no problem (the mere idea of being able to do
something to a file as a normal user, causing that you must become
superuser to undo it is horrible anyway).

Just my two BSD-minded cents,
Tiggr