Bugtraq mailing list archives
Re: tar preserves setuid bit
From: Neil McKellar <mckellar () telusplanet net>
Date: Fri, 5 Aug 2005 15:34:04 -0600
Imran Ghory <imranghory () gmail com> wrote:
If running as the root user tar restores the original permissions to extracted files, this includes the setuid bit. No warning is given to the user that this has happened.
From the default man page for tar:
The owner, modification time, and mode are restored (if possible); This isn't specific to GNU, it's *expected behaviour* for every version of tar. In fact, a failure to conform to this behaviour breaks essential functionality of tar. If the root user doesn't know what this tool does or what it's for, then don't run it. What part of 'Tape ARchive' wasn't clear? Would you be happy if your backup and restore procedures failed to actually restore files in their original condition? Sheesh. -- Neil (mckellar () telusplanet net)
Current thread:
- tar preserves setuid bit Imran Ghory (Aug 05)
- Re: tar preserves setuid bit Neil McKellar (Aug 09)
- Re: tar preserves setuid bit Imran Ghory (Aug 09)
- Re: tar preserves setuid bit Jeremy C. Reed (Aug 09)
- Re: tar preserves setuid bit Imran Ghory (Aug 09)
- Re: tar preserves setuid bit Sean Comeau (Aug 09)
- Re: GNU tar and the setuid bit David Watson (Aug 09)
- Re: GNU tar and the setuid bit David Watson (Aug 09)
- Re: tar preserves setuid bit Neil McKellar (Aug 09)