Re: WARNING! New GNU Tar in 5-CURRENT could erroneously create world writeable dirs

From: Dan Nelson (dnelson@allantgroup.com)
Date: 06/07/02


Date: Thu, 6 Jun 2002 21:28:30 -0500
From: Dan Nelson <dnelson@allantgroup.com>
To: Trevor Johnson <trevor@jpj.net>

In the last episode (Jun 06), Trevor Johnson said:
> > I've just noticed that something wrong with the new tar in the base
> > system (1.13.25) - when extracting some archives it creates 777 dirs,
> > while permissions in the archive itself are OK (for example GNU make
> > make-3.79.1.tar.gz - top level dir gets 777 as well as several
> > other lowel level dirs). The issue is under investigation.
>
> The latest version on ftp://ftp.gnu.org/gnu/tar/ is 1.13. The ones on
> ftp://alpha.gnu.org/gnu/tar/ (and everything else on that site) are
> considered unstable. I suppose it's too late to suggest tar 1.13 as a
> starting point, but maybe this could be kept in mind when importing other
> GNU products.

Tar 1.13 is 3 years old, and has many bugs (incremental backups are
unusable, for example).

-- 
	Dan Nelson
	dnelson@allantgroup.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message