bug#15672: Sequence of chmod and chown - patch

2013-10-21 Thread Vladimir Marek
Hi, I'm attaching the patch we use at the moment. We try to keep our patches as small as possible, so it is a bit Solaris specific. If you think that this could be merged into the gzip tree, I'm happy to work on a more generic approach - configure testing availability of new headers and functions used.

bug#15671: Re: sequence of chmod and chown in unrestricted chown environment

2013-10-21 Thread Vladimir Marek
Hi,

> > But the chown
> > will be executed anyway just in a different sequence, so I don't see the
> > difference.
>
> The difference is that the setuid or setgid bits will be cleared
> by the chown, which means they'll be incorrect in the final version
> of the file. If you execute the chmod a

bug#15672: Sequence of chmod and chown - patch

2013-10-21 Thread Paul Eggert
Doesn't this patch introduce a security hole into the Solaris port of gzip? If gzip chmods the output file before chowning it, the output file may be (say) group-readable to the current user's group, even though the intent is that the file be group-readable only to the intended user's group. This

bug#15671: sequence of chmod and chown in unrestricted chown environment

2013-10-21 Thread Paul Eggert
On 10/21/13 01:55, Vladimir Marek wrote:
> what breaks if we switch it in all cases?

Then we'd have that security hole on all platforms, not just on Solaris.