Bugtraq mailing list archives
Re: GNU tar and the setuid bit
From: David Watson <baikie () ehwhat freeserve co uk>
Date: Sun, 7 Aug 2005 00:11:45 +0100
On Saturday 06 Aug 2005 4:22 pm, David Watson wrote:
(By the way, -o is broken in version 1.14 at least, but --no-same-owner works.)
Sorry, I just noticed that that last comment was entirely misleading! In all versions, using --no-same-owner without --no-same-permissions *will* cause the setuid and setgid bits to be preserved even where the owner or group has been changed to root (i.e. where a different UID or GID was specified in the archive), as will using -o (in 1.15) without --no-same-permissions. The -o option is 'broken' in 1.14 (and possibly in earlier versions) in that it simply fails to enable the intended behaviour (in fact it enables the exact opposite, being equivalent to --same-owner).
Current thread:
- tar preserves setuid bit Imran Ghory (Aug 05)
- Re: tar preserves setuid bit Neil McKellar (Aug 09)
- Re: tar preserves setuid bit Imran Ghory (Aug 09)
- Re: tar preserves setuid bit Jeremy C. Reed (Aug 09)
- Re: tar preserves setuid bit Imran Ghory (Aug 09)
- Re: tar preserves setuid bit Sean Comeau (Aug 09)
- Re: GNU tar and the setuid bit David Watson (Aug 09)
- Re: GNU tar and the setuid bit David Watson (Aug 09)
- Re: tar preserves setuid bit Neil McKellar (Aug 09)