Kris Kennaway wrote: > > ....can't you make it just not clear > permissions on files and directories that already exist? If they have > relaxed or insecure permissions, they had insecure permissions to > begin with and one may assume this is by intention. And, conversely, if they had restricted permissions, then we can assume that was by intention and we shouldn't loosen them. <sigh> That makes the current behavior actually less secure than it should be, doesn't it? Try the attached and let me know if that fixes it. Tim Index: archive_read_extract.c =================================================================== RCS file: /home/ncvs/src/lib/libarchive/archive_read_extract.c,v retrieving revision 1.33 diff -u -r1.33 archive_read_extract.c --- archive_read_extract.c 7 Aug 2004 03:09:28 -0000 1.33 +++ archive_read_extract.c 21 Aug 2004 21:21:27 -0000 _at__at_ -479,7 +479,7 _at__at_ if (extract->pst != NULL) { extract->pst = &extract->st; if (S_ISDIR(extract->pst->st_mode)) - goto success; + return (ARCHIVE_OK); /* It exists but isn't a dir. */ if ((flags & ARCHIVE_EXTRACT_UNLINK)) unlink(path);Received on Sat Aug 21 2004 - 19:24:03 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:07 UTC