>Amanda's "runtar" program, suid root by default on FreeBSD 3.3, calls >/usr/bin/tar and passes all args given to runtar to this program. Tar is FWIW, runtar does not need to be suid root if the amanda user (defaults to user "amanda") has read access to the raw disks. This is typically accomplished by adding amanda to which ever group owns the disks. This doesn't fix the buffer overflow problem in tar, but it is a decent work around. Of course, it would be better if setuid root were not the default configuration :( - Rob .
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:09:23 PDT