Date: 29 Jul 1999 15:48:59 -0500 From: Don Croyle <croyle@gelemna.ft-wayne.in.us> To: Slawek Zak <zaks@prioris.im.pw.edu.pl> Cc: ports@freebsd.org Subject: Re: Extracted files' permissions Message-ID: <866733dvwk.fsf@emerson.gelemna.ft-wayne.in.us> In-Reply-To: Slawek Zak's message of "Thu, 29 Jul 1999 16:14:57 %2B0200" References: <19990729161457.A727@prioris.im.pw.edu.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Slawek Zak <zaks@prioris.im.pw.edu.pl> writes: > When I lately extracted some packages, I have noticed that owners of > the files and directories are random (try make extract lang/lua or > lang/erlang) These UIDs may or may not exist on your system. If they > do, the files can be easily overwritten by malicious user and lead to > compromise of the system. If the extraction is done by the superuser, extracted files get the owner that they had on the origin system. If it's done by an ordinary user, the user is the owner. -- I've always wanted to be a dilettante, but I've never quite been ready to make the commitment. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?866733dvwk.fsf>