Isn't setuid root dump/restore a security hole? Setuid dump allows any user on your system to read the contents of any file. Setuid restore allows one to replace any file. Unless the programs do some sanity checking. Even if they do, there's no reason for them to be setuid.
    bash$ rpm -qilv dump | egrep sbin/dump\|sbin/restore\|Version\|Release
    Version : 0.3 Vendor: Red Hat Software
    Release : 14 Build Date: Tue Jul 14 17:58:11 1998
    -rwsr-sr-x root root 36644 Jul 14 17:58 /sbin/dump
    -rwsr-sr-x root root 56732 Jul 14 17:58 /sbin/restore
I have verified that the dump and restore binaries are setuid and therefore am assigning this to a developer for further review.
The dump/restore binaries need to be setuid root in order to communicate to a remote host. Immediately after parsing arguments and (possibly) establishing the connection to the remote host, the uid is reverted to the invoking user. There was another minor problem, however. The group on dump/restore should have been tty, not root. This has been fixed in dump-0.3-16.
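The pattern described in the last comment (do the privileged step, then revert to the invoking user) looks like this in C. This is an added example, not code from dump/restore; the function name drop_privileges and the placeholder for the privileged step are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Permanently give up setuid/setgid privileges and become the invoking user.
 * Returns 0 on success, -1 if the drop failed or could be undone; the caller
 * must exit on -1 rather than continue with elevated ids.
 */
int drop_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: after the uid is dropped we may no longer change the gid.
     * While euid is still 0, setgid()/setuid() reset the real, effective and
     * saved ids together, which is what makes the drop permanent. */
    if (setgid(rgid) != 0)
        return -1;
    if (setuid(ruid) != 0)
        return -1;

    /* Verify: regaining the old effective ids must now fail. */
    if (old_egid != rgid && setegid(old_egid) == 0)
        return -1;
    if (old_euid != ruid && seteuid(old_euid) == 0)
        return -1;

    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

int main(void)
{
    printf("before: euid=%ld egid=%ld\n", (long)geteuid(), (long)getegid());

    /* A setuid program would do its one privileged step here (hypothetical
     * placeholder; the page only says it is the remote-host connection). */

    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("after:  euid=%ld egid=%ld\n", (long)geteuid(), (long)getegid());
    return 0;
}
```

Any file named on the command line must be opened only after drop_privileges() returns 0, so that the kernel checks access against the invoking user rather than root.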