On 1/11/23 14:32, Christoph Anton Mitterer wrote:
> The best way is to simply use -o and by that ignore the path in the
> file

I suppose I can document that in our man page, that users should either
manually verify the path in the file or manually specify an output path
with -o.

I do note we already deviate from a strict reading of the standard for
another security issue - whatever mode is specified in the uudecode file,
we mask against 0777 to strip off setuid, setgid, or sticky bits, due to
a fix decades ago that our history says was brought into SunOS from
the 4.3 Tahoe release of BSD to protect against auto-uudecoding by root
when processing mail that came in over UUCP links long long ago.  I see
the FreeBSD, OpenBSD, NetBSD & GNU man pages explicitly call out "setuid
and execute bits are not retained" where ours says "except setuid, setgid,
and sticky-bits".  The BSDs source code masks against 0666, while GNU
masks against (S_IRWXU | S_IRWXG | S_IRWXO), so it appears we all agree on
the setgid & sticky bits as well, they just don't call those out in the
documentation.  (I wonder if any implementation truly honors the standard
requirement to set the mode bits exactly as specified in the file.)

And of course, using -o avoids any issues with the permission bits as well.

--
        -Alan Coopersmith-                 alan.coopersm...@oracle.com
         Oracle Solaris Engineering - https://blogs.oracle.com/solaris

