Date: Fri, 24 Sep 2004 15:50:45 -0000 From: Dan Nelson <dnelson@allantgroup.com> To: dwbear75@gmail.com Cc: security@FreeBSD.ORG Subject: Re: WARNING! New GNU Tar in 5-CURRENT could erroneously createworld writeable dirs Message-ID: <20020607022829.GF21901@dan.emsphone.com> In-Reply-To: <20020606210833.W28206-100000@blues.jpj.net> References: <200206062245.g56Mjq319565@vega.vega.com> <20020606210833.W28206-100000@blues.jpj.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Jun 06), Trevor Johnson said: > > I've just noticed that something wrong with the new tar in the base > > system (1.13.25) - when extracting some archives it creates 777 dirs, > > while permissions in the archive itself are OK (for example GNU make > > make-3.79.1.tar.gz - top level dir gets 777 as well as several > > other lowel level dirs). The issue is under investigation. > > The latest version on ftp://ftp.gnu.org/gnu/tar/ is 1.13. The ones on > ftp://alpha.gnu.org/gnu/tar/ (and everything else on that site) are > considered unstable. I suppose it's too late to suggest tar 1.13 as a > starting point, but maybe this could be kept in mind when importing other > GNU products. Tar 1.13 is 3 years old, and has many bugs (incremental backups are unusable, for example). -- Dan Nelson dnelson@allantgroup.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020607022829.GF21901>