Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!att!pacbell.com!ames!mindcraft.com!karish
From: karish@mindcraft.com (Chuck Karish)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Summary: tar and cpio
Message-ID: <660691624.18045@mindcraft.com>
Date: 8 Dec 90 21:27:03 GMT
References: <1990Dec6.005358.6336@dg-rtp.dg.com> <18786@rpp386.cactus.org> <658@silence.princeton.nj.us> <110064@convex.convex.com>
Organization: Mindcraft, Inc.
Lines: 22

In article <110064@convex.convex.com> tchrist@convex.COM
(Tom Christiansen) writes:
>As was pointed out to me by Dick Dunn <rcd@ico.isc.com>, there's also the
>problem of being able to create files you can't get rid of or touch
>without superuser intervention.  A tar or cpio extract of directories
>containing files owned by another user will create this scenario.  Once
>the directory is owned by someone else, you can't change it back, so you
>can't delete the files, and you can't delete the directory because it's not
>empty.

The tar and cpio utilities on systems with privileged chown() should
restore files and directories with the extractor's ID as owner, unless
done with superuser privileges.  Many tar implementations don't store
directories anyway, so the directories are created as needed on
extraction and are owned by the current user.

How should permissions be set on extraction from an archive?  Should
setuid bits be honored?
-- 

	Chuck Karish		karish@mindcraft.com
	Mindcraft, Inc.		(415) 323-9000