>Hi,
>
>I'm debugging an issue with GNU tar. Without going into a lot of
>details (though I can if needed), here's a truss snippet of 'tar -xzf
>foo.tar.gz' running as root:
>
>2655: getppriv(PRIV_EFFECTIVE, {ffffffffffffffffffffffff}) = 0
>2655: all
>2655: setppriv(PRIV_SET, PRIV_EFFECTIVE, {ffffffffffffbfffffffffff}) = 0
>2655: all,!sys_linkdir
>2655: unlink("usr/bin/passwd") = 0
>2655: open64("usr/bin/passwd", O_WRONLY|O_CREAT|O_EXCL, 0500) = 4
>.
>.
>.
>2655: chown("usr/bin/passwd", 0, 3) = 0
>2655: chmod("usr/bin/passwd", 06555) Err#1 EPERM [ALL]
>
>Looking at the chmod(2) man page, I don't see why I would require all
>privileges. Is this undocumented behaviour or am I missing something?
You need all privileges because you are installing a set-uid root
application. When you can install a set-uid root application, you
get access to all privileges. And that gives you all privileges.
When I designed the privilege system, I felt that for a particular
action you need at least as many privileges as you could gain.
Casper
_______________________________________________
opensolaris-code mailing list
opensolaris-code@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
