Date: Tue, 7 Jan 2003 21:15:47 +0000 From: David Malone <dwmalone@maths.tcd.ie> To: Mark <admin@asarian-host.net> Cc: freebsd-bugs@FreeBSD.org Subject: Re: bin/46838: security vulnerability in dump Message-ID: <20030107211547.GD82447@walton.maths.tcd.ie> In-Reply-To: <200301072050.h07Ko4Kj025064@freefall.freebsd.org> References: <200301072050.h07Ko4Kj025064@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 07, 2003 at 12:50:04PM -0800, Mark wrote: > I realize running "umask 077" will prevent this problem. But I also believe > dump is a special case, as most individual programs do not create > world-readable files containing root's view of the filesystem data. Just about any command can create world readable files containing root's view of a filesystem: cp, tar, cat, dd. I'd also expect that people may use dump to create (say) group readable files which can be restored by those in group operator, or somesuch. If there's a general consensus for change, I'll go along with it - otherwise I'll close the PR as one of the many ways unix offers you to shoot yourself in the foot. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030107211547.GD82447>