Re: Zip 2,31 bad default file-permissions vulnerability

[Lupe Christoph <lupe () lupe-christoph de>]

Quoting Imran Ghory <imranghory () gmail com>:
> On 8/4/05, Lupe Christoph <lupe () lupe-christoph de> wrote:
> > Quoting Imran Ghory <imranghory () gmail com>:

> > > A zip file created by Zip 2.3.1 has the permissions 644 by default,
> > > Therefore any file compressed becomes world readable.

> > Zip 2.3 works correctly:
> > $ (umask 0; zip test.zip feedlist.opml; ls -l test.zip; rm test.zip)
> >  adding: feedlist.opml (deflated 80%)
> > -rw-rw-rw-    1 lupe     lupe         3156 Aug  4 10:52 test.zip

> A clarification: Zip obeys the umask, the example I gave was due to
> most unix distributions having a default umask which makes new files
> world readable. Contrast this with gzip/bzip2 which will ignore the
> umask and preserve the permissions of the file being compressed.

You may argue that a default umask of 022 is too permissive, but when
you do, be prepared for a lot of flak.

You should not compare zip to bzip or gzip even though the names are
similar but to tar. What should zip do when you pack multiple files
with differing permissions?

What zip does is entirely correct.

Lupe Christoph
-- 
| lupe () lupe-christoph de       |           http://www.lupe-christoph.de/ |
| "... putting a mail server on the Internet without filtering is like   |
| covering yourself with barbecue sauce and breaking into the Charity    |
| Home for Badgers with Rabies.                            Michael Lucas |