Xref: utzoo comp.sources.d:2496 comp.unix.questions:8270 Path: utzoo!attcan!uunet!lll-winken!lll-lcc!ames!necntc!encore!loverso From: loverso@encore.UUCP (John Robert LoVerso) Newsgroups: comp.sources.d,comp.unix.questions Subject: Re: compress and setting owner/group Message-ID: <3353@encore.UUCP> Date: 15 Jul 88 15:29:16 GMT References: <23718@teknowledge-vaxc.ARPA> Reply-To: loverso@encore.UUCP (John Robert LoVerso) Organization: Encore Computer Corp, Marlboro, MA Lines: 14 In an article mkhaw@teknowledge-vaxc.ARPA (Mike Khaw) asks about why compress does a chown() on the output file. The reason for this is that if you are running as root and go and compress a 2Mb file some random joe-user has made, then compress will cleanup the resultant file by resetting the modification time and owner to the original file. O/w, the compressed file would be owned by root, and it would be less than useful to joe-user. The intent was *NOT* to have compress installed setuid root. This would be a massive security hole. John R LoVerso Encore Computer Corp encore!loverso, loverso@multimax.arpa