From 08ebf8d7df645851cb5597fd7f755551655c5aa8 Mon Sep 17 00:00:00 2001
From: Stelian Pop <stelian@popies.net>
Date: Fri, 5 Nov 1999 22:02:11 +0000
Subject: [PATCH] Use lchown instead of chown (security problem of symlinks
 ownership)

---
 CHANGES        | 11 ++++++++++-
 MCONFIG.in     |  4 ++--
 config.h.in    |  3 +++
 configure      |  2 +-
 configure.in   |  2 +-
 dump.lsm       |  6 +++---
 dump.spec      |  5 ++++-
 restore/tape.c |  6 ++++--
 8 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/CHANGES b/CHANGES
index 48e9e60..98793c8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,13 @@
-$Id: CHANGES,v 1.12 1999/11/03 21:05:52 tiniou Exp $
+$Id: CHANGES,v 1.13 1999/11/05 22:02:11 tiniou Exp $
+
+Changes between versions 0.4b8 and 0.4b9 (released November 5, 1999)
+====================================================================
+
+1.	Use lchown instead of chown, fixing a possible security problem 
+	when restoring symlinks (a malicious user could use this
+	to deliberately corrupt the ownership of important system files).
+	Thanks to Chris Siebenmann <cks@utcc.utoronto.ca> for detecting
+	this and providing the patch.
 
 Changes between versions 0.4b7 and 0.4b8 (released November 3, 1999)
 ====================================================================
diff --git a/MCONFIG.in b/MCONFIG.in
index 0e649af..871a8d9 100644
--- a/MCONFIG.in
+++ b/MCONFIG.in
@@ -2,8 +2,8 @@ VPATH=		$(srcdir)
 
 top_builddir=	@top_builddir@
 
-VERSION=	0.4b8
-DATE=		November 3, 1999
+VERSION=	0.4b9
+DATE=		November 5, 1999
 
 AR=		@AR@
 CC=		@CC@
diff --git a/config.h.in b/config.h.in
index d7e66cb..c3d882c 100644
--- a/config.h.in
+++ b/config.h.in
@@ -38,3 +38,6 @@
 
 /* Define if you have the glob function.  */
 #undef HAVE_GLOB
+
+/* Define if you have the lchown function.  */
+#undef HAVE_LCHOWN
diff --git a/configure b/configure
index 096ebde..7c8e470 100755
--- a/configure
+++ b/configure
@@ -1615,7 +1615,7 @@ if test "$ext2fs_h" = no -o "$ext2fs_lib" = no; then
 	{ echo "configure: error: You need to install the Ext2fs libraries from the E2fsprogs distribution first" 1>&2; exit 1; }
 fi
 
-for ac_func in err errx verr verrx vwarn vwarnx warn warnx realpath glob
+for ac_func in err errx verr verrx vwarn vwarnx warn warnx realpath glob lchown
 do
 echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
 echo "configure:1622: checking for $ac_func" >&5
diff --git a/configure.in b/configure.in
index a66f628..adc764b 100644
--- a/configure.in
+++ b/configure.in
@@ -215,7 +215,7 @@ fi
 dnl
 dnl Check for library functions
 dnl
-AC_CHECK_FUNCS(err errx verr verrx vwarn vwarnx warn warnx realpath glob)
+AC_CHECK_FUNCS(err errx verr verrx vwarn vwarnx warn warnx realpath glob lchown)
 
 dnl
 dnl Check for types
diff --git a/dump.lsm b/dump.lsm
index 6286e9d..41c975e 100644
--- a/dump.lsm
+++ b/dump.lsm
@@ -1,13 +1,13 @@
 Begin3
 Title:          dump and restore for Ext2fs
-Version:        0.4b8
-Entered-date:   03NOV99
+Version:        0.4b9
+Entered-date:   05NOV99
 Description:    Port of the 4.4BSD dump and restore backup suite
 Keywords:       backup, filesystem, Ext2fs
 Author:         University of California, Berkeley
 Maintained-by:  pop@cybercable.fr (Stelian Pop)
 Primary-site:   tsx-11.mit.edu /pub/linux/ALPHA/ext2fs
-                135kB dump-0.4b8.tar.gz
+                135kB dump-0.4b9.tar.gz
                 677 dump.lsm
 Alternate-site: http://perso.cybercable.fr/pop/dump
 Original-site:  ftp.freebsd.org /pub/bsd-sources/4.4BSD-Lite2/sbin
diff --git a/dump.spec b/dump.spec
index 9a3bae9..2a2b793 100644
--- a/dump.spec
+++ b/dump.spec
@@ -1,6 +1,6 @@
 Summary: Programs for backing up and restoring filesystems.
 Name: dump
-Version: 0.4b8
+Version: 0.4b9
 Release: 1
 Copyright: UCB
 Group: Applications/Archiving
@@ -78,6 +78,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_prefix}/man/man8/rmt.8 
 
 %changelog
+* Wed Nov 5 1999 Stelian Pop <pop@cybercable.fr>
+- dump 0.4b9 released, first packaging.
+
 * Wed Nov 3 1999 Stelian Pop <pop@cybercable.fr>
 - dump 0.4b8 released, first packaging.
 
diff --git a/restore/tape.c b/restore/tape.c
index 5551981..754da61 100644
--- a/restore/tape.c
+++ b/restore/tape.c
@@ -45,7 +45,7 @@
 
 #ifndef lint
 static const char rcsid[] =
-	"$Id: tape.c,v 1.6 1999/10/13 09:57:21 stelian Exp $";
+	"$Id: tape.c,v 1.7 1999/11/05 22:02:19 tiniou Exp $";
 #endif /* not lint */
 
 #include <sys/param.h>
@@ -579,7 +579,9 @@ extractfile(char *name)
 		}
 		if (linkit(lnkbuf, name, SYMLINK) == FAIL)
 			return (FAIL);
-		(void) chown(name, luid, lgid);
+#ifdef HAVE_LCHOWN
+		(void) lchown(name, luid, lgid);
+#endif
 		return (GOOD);
 	}
 
-- 
2.39.2