From owner-freebsd-ports Thu Jul 29 13:51:25 1999 Delivered-To: freebsd-ports@freebsd.org Received: from gelemna.ft-wayne.in.us (fw5-48.fwi.com [209.84.173.244]) by hub.freebsd.org (Postfix) with ESMTP id 1EFD615197 for ; Thu, 29 Jul 1999 13:51:19 -0700 (PDT) (envelope-from croyle@gelemna.ft-wayne.in.us) Received: (from croyle@localhost) by gelemna.ft-wayne.in.us (8.9.3/8.9.3) id PAA38542; Thu, 29 Jul 1999 15:49:00 -0500 (EST) (envelope-from croyle) To: Slawek Zak Cc: ports@freebsd.org Subject: Re: Extracted files' permissions References: <19990729161457.A727@prioris.im.pw.edu.pl> Mime-Version: 1.0 (generated by tm-edit 7.108) Content-Type: text/plain; charset=US-ASCII From: Don Croyle Date: 29 Jul 1999 15:48:59 -0500 Organization: Minimal at best In-Reply-To: Slawek Zak's message of "Thu, 29 Jul 1999 16:14:57 +0200" Message-ID: <866733dvwk.fsf@emerson.gelemna.ft-wayne.in.us> Lines: 14 X-Mailer: Gnus v5.5/XEmacs 20.4 - "Emerald" Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Slawek Zak writes: > When I lately extracted some packages, I have noticed that owners of > the files and directories are random (try make extract lang/lua or > lang/erlang) These UIDs may or may not exist on your system. If they > do, the files can be easily overwritten by malicious user and lead to > compromise of the system. If the extraction is done by the superuser, extracted files get the owner that they had on the origin system. If it's done by an ordinary user, the user is the owner. -- I've always wanted to be a dilettante, but I've never quite been ready to make the commitment. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message