[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: writability of directories in distributions
|
From: |
Jim Meyering |
|
Subject: |
Re: writability of directories in distributions |
|
Date: |
Sun, 29 Nov 2009 21:43:41 +0100 |
Bob Friesenhahn wrote:
> On Sat, 28 Nov 2009, Harlan Stenn wrote:
>> I just saw a patch go by about changing the perms on directories in
>> distribution tarballs.
>>
>> I'm a fan of 775 myself (ok, I really prefer 2775).
>>
>> But I can see that some would prefer 777, and others would prefer 755.
>>
>> The other issue, as I recall, has to do with whether or not 'root' is
>> doing the unpacking.
>
> Remember that 'root' is going away on many systems which are now using
> roles' (or temporary powers) instead.
At whatever pace, this won't be widespread enough
to constitute a solution anytime soon.
> Extracting a tarball as 'root'
> is a dangerous thing to do since many things may be preserved which
> make no sense for the current system, or may even be dangerous.
>
> The only approach which makes real sense is if the extracted files and
> directories are give the UID/GID of the user/group extracting those
IMHO, that is beyond the scope of my proposal.
We cannot control what tools people use.
However, automake *can* limit the risk when people use
tools (like GNU tar) that exhibit the offending behavior.
> files (according to OS-specific rules), and that directories are given
> access permissions limited only by the current umask and OS-specific
> rules (as per mkdir(2)). Much of this is based on behavior of the tar
> command used for the extraction.