Re: [Evolution] Where does evolution store its files?

From: Pete Biggs <pete biggs org uk>
To: evolution-list gnome org
Subject: Re: [Evolution] Where does evolution store its files?
Date: Fri, 27 Jan 2012 09:13:09 +0000


This isn't true;  tar can request to not set the ownership, it can just
extract the files and leave permissions and ownership alone.

If that were the case, hacking a system would be trivially easy: get a
user login process, untar a pre-made tar ball with setuid root scripts
in it, elevate privileges.  One of the basic tenets of the Unix security
model is that a non-root process can only create files with the same
ownership as that process is running as; further, a process can not
"give away" ownership of a file.

P.

References:
- [Evolution] Where does evolution store its files?
  - From: Michael Hennebry
- Re: [Evolution] Where does evolution store its files?
  - From: Paul Menzel
- Re: [Evolution] Where does evolution store its files?
  - From: Matthew Barnes
- Re: [Evolution] Where does evolution store its files?
  - From: Michael Hennebry
- Re: [Evolution] Where does evolution store its files?
  - From: Patryk Benderz
- Re: [Evolution] Where does evolution store its files?
  - From: Michael Hennebry
- Re: [Evolution] Where does evolution store its files?
  - From: Pete Biggs
- Re: [Evolution] Where does evolution store its files?
  - From: Adam Tauno Williams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]