Re: World writable tarballs

From: Joshua Hudson
Date: Sun Apr 30 2006 - 00:59:31 EST

Next message: Linus Torvalds: "Re: better leve triggered IRQ management needed"
Previous message: Neil Brown: "Re: better leve triggered IRQ management needed"
In reply to: Alistair John Strachan: "Re: World writable tarballs"
Next in thread: Sam Ravnborg: "Re: World writable tarballs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/29/06, Alistair John Strachan <s0348365@xxxxxxxxxxxx> wrote:

On Sunday 30 April 2006 01:18, Mark Rosenstand wrote:
> Hi,
>
> It seems that at least the content of the 2.6.16 tarball is world
> writable if extracted with GNU tar as an privileged user.
>
> Is this on purpose in order to prove some point?

Read this thread:

http://marc.theaimsgroup.com/?l=linux-kernel&m=113304241100330&w=2

This REALLY needs fixing. If it weren't so late right now I might have written
a filter that takes a tarball and sanitizes the permissions. I've got
good reasons
for compiling the kernel as root (when in the make, install, reboot, test loop
it's quite a timesaver).

Yes, I'm the guy who keeps trying to log in as root on ftp.kernel.org over ftp
with no password. For some bone-headed reason I keep thinking the default
username for ftp is anonymous, not the user's.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linus Torvalds: "Re: better leve triggered IRQ management needed"
Previous message: Neil Brown: "Re: better leve triggered IRQ management needed"
In reply to: Alistair John Strachan: "Re: World writable tarballs"
Next in thread: Sam Ravnborg: "Re: World writable tarballs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]