Hello, Siim Põder wrote: > That has little to do with the actual vulnerability, hasn't it? It's a > possible workaround though, so that's great.
that's not a workaround. tar is supposed to overwrite files. If you don't want that behavior, use "-w". >>> Discussing wether root should ever run tar is irrelevant. >> Agreed, the discussion whether root should *run* tar or not is > I specifically said I didn't want to discuss this Yeah. So don't comment my comments... GTi _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
