Alexander Jolk wrote:
Paul Bijnens wrote:
Making that one configurable at run time would be easy, but it
would also mean that the suid-root program that invokes tar can be
tricked into executing anything you like, giving root privileges to
anyone.
I don't think amrecover calls tar via runtar. I'd be pretty glad
already if I could define, at run-time, a different tar to use without
going trough runtar; if that means restoring as root only, that's fine
with me.
Yup, you're right. amrecover invokes whatever was defined in the
./configure --with-gnutar=/.../... without passing it through runtar.
Besides, amrecover checks already if being run as root, and if not,
complains too.
--
Paul Bijnens, Xplanation Tel +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM Fax +32 16 397.512
http://www.xplanation.com/ email: [EMAIL PROTECTED]
***********************************************************************
* I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, *
* kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... *
* ... "Are you sure?" ... YES ... Phew ... I'm out *
***********************************************************************