On Sun, Nov 20, 2005 at 10:49:04PM +0100, Pavel Cahyna wrote:
> On Sun, Nov 20, 2005 at 10:42:49PM +0100, Manuel Bouyer wrote:
> > > > tar silently defaults to root:wheel (or whatever uid/gid tar is running under)
> > > 
> > > I just looked to the system where I did the install, and saw that for
> > > those files, tar (pax, actually) chose the "correct" UID and GID, not
> > > root:wheel.
> > 
> > It did not on my system, but I tried on 1.6.2. 2.x and 3.0_BETA
> > obviously have this user name so it's not easy to do this check here.
> 
> Haven't you forgot -pe ?

No, I checked again, I really did tar -p
Hum, maybe these users exists on the boot floppy's passwd/group files, so
tar can work from here ? From what I can see in the sources, it does.

> 
> > > So IMHO if those UIDs or GIDs were in use by another user or group, I
> > > would end with a system with setgid binaries owned by a group different
> > > that intended. If I chose a random UID/GID whwn creating those
> > > special users and groups, I would end with files owned by nonexistent
> > > users or groups. Is this correct?
> > 
> > postinstall will take care of resetting the proper permissions, I think
> 
> for /usr/libexec/sendmail/sendmail it does, but not for the others.

I think smmsp was the only user/group added since postinstall was added,
which have suid/sgid binaries 

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 26 ans d'experience feront toujours la difference
--