Re: preparing 2.3.6
On Wed, Jun 20, 2001 at 06:31:21AM -0800, Ethan Benson wrote:
> On Wed, Jun 20, 2001 at 08:09:14AM -0600, Matt Kraai wrote:
> >
> > I think it is sufficient to remove the calls to umask (0) in
> > tar.c. We always call chmod on the created file, so the only way
> > this could cause problems is if the umask of the file disallows
> > all write permissions. In this case, GNU tar fails so I don't
> > think we should have to do more.
> >
> > Furthermore, I think that it really is a problem with base-files.
> > Relying on the umask set when debootstrap is run to ensure a
> > secure system is scary.
>
> we can't depend on base-files to cleanup a screwup by busybox tar
> since the affected directories are not present in base-files (/etc/apm
> for example). the base-files extraction already appears to fix alot
> of these, but not all, thats why busybox tar must behave itself.
I agree that tar should not unconditionally create leading
directories with 0777 permissions.
However, relying on the umask at installation time is extremely
fragile. Hoping that it just happens to be right for the
leading directories is bound to break. In the case you mention,
the driver disks should include /etc/apm (and /etc/apm/event.d)
in the tar file as well to ensure that they are created with the
appropriate permissions.
Matt
Reply to: