From owner-freebsd-current@FreeBSD.ORG  Fri Sep 24 15:50:46 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4D1A416A5D2; Fri, 24 Sep 2004 15:50:45 +0000 (GMT)
Received: from post5.inre.asu.edu (post5.inre.asu.edu [129.219.110.120])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 2301643D6E; Fri, 24 Sep 2004 15:50:44 +0000 (GMT)
	(envelope-from David.Bear@asu.edu)
Received: from conversion.post5.inre.asu.edu by asu.edu (PMDF V6.1-1X6 #30769)
 id <0I4J00A01YIJQB@asu.edu>; Fri, 24 Sep 2004 08:47:07 -0700 (MST)
Received: from smtp.asu.edu (smtp.asu.edu [129.219.110.107])
	<0I4J009IAYIJVI@asu.edu>; Fri, 24 Sep 2004 08:47:07 -0700 (MST)
Received: from moroni.pp.asu.edu (moroni.pp.asu.edu [129.219.69.200])
	(8.12.10/8.12.10/asu_smtp_relay,nullclient,tcp_wrapped)
	with ESMTP id i8OFl671012939; Fri, 24 Sep 2004 08:47:06 -0700 (MST)
Received: by moroni.pp.asu.edu (Postfix, from userid 500)	id 7A37CE8D; Fri,
	24 Sep 2004 08:46:41 -0700 (MST)
Received: from post1.inre.asu.edu (post1.inre.asu.edu [129.219.110.72])
	by imap1.asu.edu (8.11.0/8.11.0/asu_cyrus,tcp_wrapped)
 with ESMTP id g5768rE29513	for <iddwb@IMAP1.ASU.EDU>; Thu,
 06 Jun 2002 23:08:57 -0700 (MST)
Received: from conversion.post1.inre.asu.edu by asu.edu (PMDF V6.1 #40110)
	david.bear@asu.edu) ; Thu, 06 Jun 2002 23:08:53 -0700 (MST)
Received: from mx2.freebsd.org (mx2.FreeBSD.org [216.136.204.119])
 by asu.edu (PMDF V6.1 #40110) with ESMTP id <0GXB001NTNQSFU@asu.edu> for
 iddwb@IMAP1.ASU.EDU (ORCPT david.bear@asu.edu); Thu,
 06 Jun 2002 23:08:52 -0700 (MST)
Received: from hub.freebsd.org (hub.FreeBSD.org [216.136.204.18])
	by mx2.freebsd.org (Postfix) with ESMTP	id B6D4055AF3; Thu,
 06 Jun 2002 23:08:49 -0700
Received: by hub.freebsd.org (Postfix, from userid 538)	id 0E2E337B419; Thu,
	06 Jun 2002 23:08:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])	by hub.freebsd.org (Postfix)
	with SMTP	id 09E312E800E; Thu, 06 Jun 2002 23:08:27 -0700 (PDT)
Received: by hub.freebsd.org (bulk_mailer v1.12); Thu,
 06 Jun 2002 23:08:27 -0700
Received: from sdns.kv.ukrtel.net (sdns.kv.ukrtel.net [195.5.27.246])
	by hub.freebsd.org (Postfix) with ESMTP	id DE4B437B40B; Thu,
 06 Jun 2002 23:07:59 -0700 (PDT)
Received: from vega.vega.com (195.5.51.243 [195.5.51.243])
 by sdns.kv.ukrtel.net with SMTP
 (Microsoft Exchange Internet Mail Service Version 5.5.2650.21)
	id M2L7DMW7; Fri, 07 Jun 2002 09:09:58 +0300
Received: (from max@localhost)	by vega.vega.com (8.11.6/8.11.3)
 id g57682M20849; Fri,
 07 Jun 2002 09:08:02 +0300 (EEST envelope-from sobomax@FreeBSD.org)
From: Maxim Sobolev <sobomax@FreeBSD.ORG>
In-reply-to: <no.id@mx2.FreeBSD.org>
Sender: owner-freebsd-security@FreeBSD.ORG
To: dwbear75@gmail.com
Message-id: <200206070608.g57682M20849@vega.vega.com>
MIME-version: 1.0
X-Mailer: ELM [version 2.5 PL5]
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7bit
Precedence: bulk
X-Loop: FreeBSD.org
Delivered-to: freebsd-security@freebsd.org
Old-To: sobomax@FreeBSD.ORG (Maxim Sobolev)
Lines: 22
X-Keywords: 
cc: Maxim Sobolev <sobomax@FreeBSD.ORG>
cc: current@FreeBSD.ORG
cc: security@FreeBSD.ORG
Subject: Re: WARNING! New GNU Tar in 5-CURRENT could erroneously createworld
 writeable dirs
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
Date: Fri, 24 Sep 2004 15:50:46 -0000
X-Original-Date: Fri, 07 Jun 2002 09:08:02 +0300 (EEST)
X-List-Received-Date: Fri, 24 Sep 2004 15:50:46 -0000

> 
> > 
> > Hi,
> > 
> > I've just noticed that something wrong with the new tar in the base
> > system (1.13.25) - when extracting some archives it creates 777 dirs,
> > while permissions in the archive itself are OK (for example GNU make
> > make-3.79.1.tar.gz - top level dir gets 777 as well as several
> > other lowel level dirs). The issue is under investigation.
> 
> Should be solved now. Stupid GNU folks for some reason decided that
> when tar is executed as uid 0 then by default umask(2) should not be
> applied to files and dirs being extracted.

That said, anybody who runs 5.0-CURRENT with the new tar is advised to
clean up all ports' WRKDIRs she might have, to avoid being trojaned
by a local user.

-Maxim

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message