On Tue, Aug 10, 2010 at 5:00 AM, Petr Sumbera <[email protected]> wrote: > On 08/02/10 22:36, Paul Eggert wrote: >> >> On 08/02/10 12:28, Eric Blake wrote: >>> >>> since tar does have the likelihood >>> of creating children, yes, it should play nicely and restore privileges >>> before exec()ing. >> >> Yes, that makes sense. However, the proposed patch isn't quite >> right, since it restores PRIV_SYS_LINKDIR even if the user had >> removed that privilege before invoking 'tar'. > > I don't think that PRIV_SYS_LINKDIR is added even if it wasn't there at > program start. See priv_set_restore() which is checking whether the > privilege was removed.
Correct. > > See the code from GNU tar 1.23: > http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/gtar/tar-1.23/gnu/priv-set.c#124 > > David, I see this is your code in priv-set.c. I think your comments for > priv_set_remove() and priv_set_restore() are not correct. The code looks to > me that it actually returns -1 for: Yes, the comments are wrong. > 83 Returns 0 if ... or was not present in the effective set. > 114 Returns 0 if ... > 115 ... or if priv was already in the > 116 effective set. > > Petr >
