Re: World writable tarballs

From: Heikki Orsila
Date: Sun Apr 30 2006 - 12:53:08 EST


On Sun, Apr 30, 2006 at 12:49:16PM +0100, Alistair John Strachan wrote:
> Really, people that complain about security should have a modicum of a clue;
> allowing a tar file that _somebody else_ applied _their_ security policy, to
> define yours, is a deeply flawed concept. umask is there for a reason.

I think you are missing an important point here. Any person who compiles
a kernel image trusts the providers much more than file modes if one is
to run the kernel too, so it's not like file modes are a killer of trust
here. You might also argue that "NO_ROOT_HOLE=yes make modules_install"
is required for the kernel to install non-world-writable modules.

My umask is just fine, 077. Also, as noted, it does make sense
that tar preserves attributes because admins use it for backups.

--
Heikki Orsila Barbie's law:
heikki.orsila@xxxxxx "Math is hard, let's go shopping!"
http://www.iki.fi/shd
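An added example, not part of the original message or of any kernel tooling: a pre-extraction audit that lists the members an archive records as world-writable and shows what each mode becomes under a given umask versus with permissions preserved. The sample archive, its member names and the function names are constructed for illustration; extracted_mode() models GNU tar's documented defaults (umask applied for ordinary users, recorded modes kept with -p, which is the default for root).

```python
import io
import stat
import tarfile

# Constructed sample archive: names and modes are made up for illustration.
SAMPLE = [("src", 0o777, tarfile.DIRTYPE),
          ("src/Makefile", 0o666, tarfile.REGTYPE),
          ("src/README", 0o644, tarfile.REGTYPE)]

def build_sample_tar():
    """Build the sample tarball in memory (nothing touches the disk)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, mode, kind in SAMPLE:
            info = tarfile.TarInfo(name)
            info.type, info.mode = kind, mode
            data = b"" if kind == tarfile.DIRTYPE else b"sample\n"
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def extracted_mode(recorded, umask, same_permissions):
    """Model of GNU tar: -p (the default for root) keeps the recorded mode,
    otherwise the extracting user's umask is applied."""
    return recorded if same_permissions else recorded & ~umask

def audit(tar_bytes, umask):
    """List members recorded as world-writable and what each would become
    on disk for an ordinary user (umask applied) and for root (preserved)."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tf:
        for m in tf:
            mode = m.mode & 0o7777
            if m.issym() or not mode & stat.S_IWOTH:
                continue  # symlink modes are not meaningful on Linux
            findings.append((m.name, oct(mode),
                             oct(extracted_mode(mode, umask, False)),
                             oct(extracted_mode(mode, umask, True))))
    return findings

if __name__ == "__main__":
    for name, rec, user, root in audit(build_sample_tar(), 0o077):
        print(f"{name}: recorded {rec}, as user {user}, as root {root}")
```

With umask 077 the ordinary-user column loses the group and other bits, while the root column keeps the archive's recorded mode, which is the case the thread is arguing about.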