chapter 6, installing kernel headers

Gerard Beekmans gerard at linuxfromscratch.org
Mon Jan 27 09:30:28 PST 2003


On January 19, 2003 12:24 pm, Don Smith wrote:
> His example is off. I think he is saying someone could append a
> trojanned /bin/ls to any tarball and if you extract that tarball as
> root, the trojanned ls would end up in your /bin. Probably a good idea
> to not extract things as root.

Normally tar won't do that, unless you unpack the tarball with the -P option 
which will not strip a leading / from the paths.

As long as you don't add -P to your untar command, those things won't happen.

-- 
Gerard Beekmans
www.linuxfromscratch.org

-*- If Linux doesn't have the solution, you have the wrong problem -*-
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message



More information about the lfs-dev mailing list