[hackers] tar ownership/mode fixups

From: Brad Barden <b+suckless_AT_13os.net>
Date: Thu, 19 Nov 2015 01:41:25 -0600


Here are two patches tar I'm using for suckless tar.

The first is a small patch to remove a short access race condition on
newly-created files.


mode for newly-created files should be restrictive. chmod is always
called soon after to set correct mode from the archive.

The second is a larger patch, which could be split up if necessary. Much
of the size is due to renaming the variables/functions to stay sensible.


by re-ordering when chmod/chown is done, only a list of directories (not
all files) need be kept for fixing mtime.

this also fixes an issue where set-user-id files in a tar may not work. chmod
is done before chown and before the file is written. if ownership changes, or
the file is being written as a normal user, the setuid bit would be cleared.

also fixes ownership of symbolic links. previously a chown() was called,
which would change the ownership of the link target. lchown() is now
used for symbolic links.

renamed all ent, ent* functions to dir* as it better describes what they

use timespec/utimensat instead of timeval/utimes to get AT_SYMLINK_NOFOLLOW

I hope this is useful.


Received on Thu Nov 19 2015 - 08:41:25 CET

This archive was generated by hypermail 2.3.0 : Thu Nov 19 2015 - 08:48:13 CET