Linux kernel source problem

[razor () SHOCK LDC RO (Alex Popa)]

There is a (mostly useful) feature in "tar" that makes it extract the
files an archive contains with the same UID/GID if root. If the system
does not have an account with the same name, it uses the numeric values.

But what if we just got the latest kernel sources, and install them as in
the README:

---
INSTALLING the kernel:

 - If you install the full sources, do a

                cd /usr/src
                gzip -cd linux-2.2.XX.tar.gz | tar xfv -

   to get it all put in place. Replace "XX" with the version number of the
   latest kernel.

---

So you do this as root, needing write access to /usr/src. The files get
extracted with "normal" UID/GID, and if you have an user that has those
ids, (s)he can do whatever (s)he wants to the sources.

There are two possible solutions:
a) chmod 700 /usr/src
b) use "tar --owner=root --group=root -xvf -" in the command line above

I suggest that the script that builds a kernel source archive passes the
"--owner=root --group=root" to tar when vreating those.

Please excuse my English.

------------+------------------------------------------
Alex Popa,  |There never was a good war or a bad peace
razor () ldc ro|                   -- B. Franklin
-------------------------------------------------------