|
From: | Petr Sumbera |
Subject: | Re: [Bug-tar] tar 1.23 Solaris regression |
Date: | Tue, 10 Aug 2010 14:00:07 +0200 |
User-agent: | Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.9.1.5) Gecko/20091206 Lightning/1.0pre Thunderbird/3.0 |
On 08/02/10 22:36, Paul Eggert wrote:
On 08/02/10 12:28, Eric Blake wrote:since tar does have the likelihood of creating children, yes, it should play nicely and restore privileges before exec()ing.Yes, that makes sense. However, the proposed patch isn't quite right, since it restores PRIV_SYS_LINKDIR even if the user had removed that privilege before invoking 'tar'.
I don't think that PRIV_SYS_LINKDIR is added even if it wasn't there at program start. See priv_set_restore() which is checking whether the privilege was removed.
See the code from GNU tar 1.23: http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/gtar/tar-1.23/gnu/priv-set.c#124David, I see this is your code in priv-set.c. I think your comments for priv_set_remove() and priv_set_restore() are not correct. The code looks to me that it actually returns -1 for:
83 Returns 0 if ... or was not present in the effective set. 114 Returns 0 if ... 115 ... or if priv was already in the 116 effective set. Petr
[Prev in Thread] | Current Thread | [Next in Thread] |