Xref: utzoo comp.sources.d:2496 comp.unix.questions:8270
Path: utzoo!attcan!uunet!lll-winken!lll-lcc!ames!necntc!encore!loverso
From: loverso@encore.UUCP (John Robert LoVerso)
Newsgroups: comp.sources.d,comp.unix.questions
Subject: Re: compress and setting owner/group
Message-ID: <3353@encore.UUCP>
Date: 15 Jul 88 15:29:16 GMT
References: <23718@teknowledge-vaxc.ARPA>
Reply-To: loverso@encore.UUCP (John Robert LoVerso)
Organization: Encore Computer Corp, Marlboro, MA
Lines: 14

In an article mkhaw@teknowledge-vaxc.ARPA (Mike Khaw) asks about why
compress does a chown() on the output file.

The reason for this is that if you are running as root and go and compress
a 2Mb file some random joe-user has made, then compress will cleanup
the resultant file by resetting the modification time and owner to the
original file.  O/w, the compressed file would be owned by root, and it
would be less than useful to joe-user.

The intent was *NOT* to have compress installed setuid root.  This would
be a massive security hole.

John R LoVerso
Encore Computer Corp
encore!loverso, loverso@multimax.arpa