* Re: permissions inside linux-2.6.0-test6.tar.bz2
[not found] <CJIC.4he.15@gated-at.bofh.it>
@ 2003-10-04 16:21 ` Pascal Schmidt
0 siblings, 0 replies; 3+ messages in thread
From: Pascal Schmidt @ 2003-10-04 16:21 UTC (permalink / raw)
To: linux-kernel; +Cc: Delian Krustev
> So, these files are not world readable as they should be.
> I bumped into this while trying to compile the kernel from user.
> Anyone trying to do so and trying to use one of these files is
> affected.
[...]
> One more thing I want to recommend. Please use the tar options
> --owner 0 --group 0 when creating the archive. The uid/gid 1046
> combination might already be present on the system(or appear in
> the future) and might bring security risks for the unwary.
Just don't unpack the sources as the user wanting to do the
compile, then tar can't set file ownership and the permissions are
okay for compiling.
--
Ciao,
Pascal
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: permissions inside linux-2.6.0-test6.tar.bz2
[not found] ` <CXsk.7ta.11@gated-at.bofh.it>
@ 2003-10-04 16:38 ` Pascal Schmidt
0 siblings, 0 replies; 3+ messages in thread
From: Pascal Schmidt @ 2003-10-04 16:38 UTC (permalink / raw)
To: linux-kernel
On Sat, 04 Oct 2003 18:30:16 +0200, you wrote in linux.kernel:
> Just don't unpack the sources as the user wanting to do the
> compile, then tar can't set file ownership and the permissions are
> okay for compiling.
s/don't//
--
Ciao,
Pascal
^ permalink raw reply [flat|nested] 3+ messages in thread
* permissions inside linux-2.6.0-test6.tar.bz2
@ 2003-10-04 1:47 Delian Krustev
0 siblings, 0 replies; 3+ messages in thread
From: Delian Krustev @ 2003-10-04 1:47 UTC (permalink / raw)
To: linux-kernel
First excuse me if this has already been posted but a quick search
showed me it hadn't. The problem is trivial and it should have been
resolved if it has been reported.
Here it is:
# tar xjf linux-2.6.0-test6.tar.bz2
# find . -not -perm -444 -exec ls -al "{}" \;
-rw-r----- 1 1046 1046 27217 Sep 28 03:51
./linux-2.6.0-test6/drivers/net/arm/ether00.c
-rw-r----- 1 1046 1046 13235 Sep 28 03:51
./linux-2.6.0-test6/drivers/char/agp/isoch.c
-rw-r----- 1 1046 1046 17188 Sep 28 03:51
./linux-2.6.0-test6/drivers/input/joystick/grip_mp.c
-rw-r----- 1 1046 1046 1992 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/mach-integrator/lm.c
-rw-r----- 1 1046 1046 5363 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/mach-integrator/impd1.c
-rw-r----- 1 1046 1046 422 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/mach-integrator/Kconfig
-rw-r----- 1 1046 1046 698 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/common/platform.c
-rw-r----- 1 1046 1046 6062 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/common/amba.c
-rw-r----- 1 1046 1046 3352 Sep 28 03:51
./linux-2.6.0-test6/arch/arm/common/icst525.c
-rw-r----- 1 1046 1046 8717 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/mm/Kconfig
-rw-r----- 1 1046 1046 11559 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/mm/proc-arm1026.S
-rw-r----- 1 1046 1046 12538 Sep 28 03:50
./linux-2.6.0-test6/arch/arm/mm/proc-arm1020e.S
-rw-r----- 1 1046 1046 11806 Sep 28 03:51
./linux-2.6.0-test6/arch/arm/mm/proc-arm1022.S
-rw-r----- 1 1046 1046 1091 Sep 28 03:51
./linux-2.6.0-test6/arch/arm/mm/mmu.c
-rw-r----- 1 1046 1046 581 Sep 28 03:50
./linux-2.6.0-test6/include/asm-arm/arch-integrator/lm.h
-rw-r----- 1 1046 1046 512 Sep 28 03:50
./linux-2.6.0-test6/include/asm-arm/arch-integrator/impd1.h
-rw-r----- 1 1046 1046 350 Sep 28 03:50
./linux-2.6.0-test6/include/asm-arm/traps.h
-rw-r----- 1 1046 1046 1152 Sep 28 03:50
./linux-2.6.0-test6/include/asm-arm/hardware/icst525.h
-rw-r----- 1 1046 1046 1179 Sep 28 03:50
./linux-2.6.0-test6/include/asm-arm/hardware/amba.h
-rw-r----- 1 1046 1046 34 Sep 28 03:50
./linux-2.6.0-test6/include/asm-arm/sections.h
-rw-r----- 1 1046 1046 5926 Sep 28 03:50
./linux-2.6.0-test6/include/video/neomagic.h
-rw-r----- 1 1046 1046 1593 Sep 28 03:51
./linux-2.6.0-test6/Documentation/scsi/ChangeLog.megaraid
So, these files are not world readable as they should be.
I bumped into this while trying to compile the kernel from user.
Anyone trying to do so and trying to use one of these files is
affected.
It's really a matter of running chmod -R but there might be some cases
where this is not possible.
One more thing I want to recommend. Please use the tar options
--owner 0 --group 0 when creating the archive. The uid/gid 1046
combination might already be present on the system(or appear in
the future) and might bring security risks for the unwary.
Regards
Delian Krustev
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-10-04 16:38 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <CJIC.4he.15@gated-at.bofh.it>
2003-10-04 16:21 ` permissions inside linux-2.6.0-test6.tar.bz2 Pascal Schmidt
[not found] <CXsk.7ta.13@gated-at.bofh.it>
[not found] ` <CXsk.7ta.11@gated-at.bofh.it>
2003-10-04 16:38 ` Pascal Schmidt
2003-10-04 1:47 Delian Krustev
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).