Date: Fri, 18 Jun 2010 08:29:58 +1000 From: Sean <sean@gothic.net.au> To: Leif Walsh <leif.walsh@gmail.com> Cc: freebsd-stable@freebsd.org Subject: Re: [Stable 7] CPIO breakage/ Message-ID: <820425CC-DEE2-4243-9549-E4C69A13517E@gothic.net.au> In-Reply-To: <AANLkTin8EINpW6kDTNZsTJOrvGnDAA6WCrRSJazZczyd@mail.gmail.com> References: <1276639800.2462.80.camel@localhost.localdomain> <1276646707.2462.82.camel@localhost.localdomain> <4C18195A.3020501@delphij.net> <20100617205302.GA60347@server.vk2pj.dyndns.org> <4C1A9989.3090507@gothic.net.au> <AANLkTin8EINpW6kDTNZsTJOrvGnDAA6WCrRSJazZczyd@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18/06/2010, at 8:02 AM, Leif Walsh wrote: > On Thu, Jun 17, 2010 at 2:54 PM, Sean <sean@gothic.net.au> wrote: >> Easy. >> Create a symlink etc, to /etc >> Create a file etc/passwd containing whatever you want. >=20 > This could be an artifact of coming from the Linux world and knowing > little about the BSD kernel (and I should probably lurk a bit longer > before posting on a new list), but wouldn't the symlink resolve and > result in a totally new chain of lookup/permissions calls? I don't > see how making a symlink to a location allows you to change the > permissions of that location just by changing the permissions of the > symlink. >=20 It only works if the user extracting already has permission to write = there anyway. It's a means of taking advantage of a privileged user who = extracts the tar. > --=20 > Cheers, > Leif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?820425CC-DEE2-4243-9549-E4C69A13517E>