Re: stable coreutils-8.1 today, fingers crossed

[Gilles Espinasse]

----- Original Message ----- 
From: "Gilles Espinasse" <address@hidden>
To: "Jim Meyering" <address@hidden>
Cc: <address@hidden>; "Andreas Schwab" <address@hidden>;
"Pádraig Brady" <address@hidden>; "Eric Blake" <address@hidden>
Sent: Saturday, November 21, 2009 9:12 PM
Subject: Re: stable coreutils-8.1 today, fingers crossed
> > > But pwd-long still fail as coreutils-8.1 and src directories are
writable by everyone.
> > > [chroot-i486] root:/usr/src$ tar xf cache/coreutils-8.1.tar.gz
> > > [chroot-i486] root:/usr/src$ ls -ld coreutils-8.1/src
> > > drwxrwxrwx 2 root root 4096 Nov 18 18:55 coreutils-8.1/src
> > > [chroot-i486] root:/usr/src$ ls -ld coreutils-8.1 coreutils-8.1/src
> > > drwxrwxrwx 13 root root 4096 Nov 18 18:55 coreutils-8.1
> > > drwxrwxrwx  2 root root 4096 Nov 18 18:55 coreutils-8.1/src
> >
> > That is happening only to you -- because you have an unsafe umask of 0.
> > Don't do that!  It is especially problematic when done by "root".
> >
> > Put this in one of your shell start-up scripts:
> >
>> umask 022
>
> [chroot-i486] root:/$ umask
> 0022
> [chroot-i486] root:/$ rm -rf /usr/src/coreutils*
> [chroot-i486] root:/$ cd /usr/src
> [chroot-i486] root:/usr/src$ tar xf cache/coreutils-8.1.tar.gz
> [chroot-i486] root:/usr/src$ ls -ld /usr /usr/src /usr/src/coreutils-8.1
> /usr/src/coreutils-8.1/src
> drwxr-xr-x  9 root root 4096 Nov 21 13:10 /usr
> drwxr-xr-x 15 root root 4096 Nov 21 20:16 /usr/src
> drwxrwxrwx 13 root root 4096 Nov 18 18:55 /usr/src/coreutils-8.1
> drwxrwxrwx  2 root root 4096 Nov 18 18:55 /usr/src/coreutils-8.1/src
>
> don't know why

Just the side effect of using tar as root
--no-same-permissions let umask be applied

Gilles