[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-tar] tar 1.23 Solaris regression
From: |
Eric Blake |
Subject: |
Re: [Bug-tar] tar 1.23 Solaris regression |
Date: |
Tue, 03 Aug 2010 10:33:52 -0600 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.7) Gecko/20100720 Red Hat/3.1.1-1.el6 Mnenhy/0.8.3 Thunderbird/3.1.1 |
On 08/03/2010 03:24 AM, Joerg Schilling wrote:
> Paul Eggert <address@hidden> wrote:
>
>> On 08/02/10 12:28, Eric Blake wrote:
>>> since tar does have the likelihood
>>> of creating children, yes, it should play nicely and restore privileges
>>> before exec()ing.
>>
>> Yes, that makes sense. However, the proposed patch isn't quite
>> right, since it restores PRIV_SYS_LINKDIR even if the user had
>> removed that privilege before invoking 'tar'.
>
> What is the reason for playing with privileges inside a tar implementaton?
As I said earlier:
http://lists.gnu.org/archive/html/bug-tar/2010-08/msg00002.html
>> I think the reason was to make sure that unlink on directories didn't
>> work, avoiding a stat call to check if the target was a directory.
>
> Not only that, but to avoid _hosing_ your file system if it calls
> unlink() on what it thought was a file but in reality was a non-empty
> directory slipped into its place at the last minute by an attacker.
> That is, the inherent race between stat()ing a file and unlink()ing it
> can lead to some serious messes that fsck will just punt on; and the
> best way to avoid it is to ensure that unlink() atomically fails on
> directories, by (temporarily) giving up that extra privilege.
--
Eric Blake address@hidden +1-801-349-2682
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
- [Bug-tar] tar 1.23 Solaris regression, Petr Sumbera, 2010/08/02
- Re: [Bug-tar] tar 1.23 Solaris regression, David Bartley, 2010/08/02
- Re: [Bug-tar] tar 1.23 Solaris regression, Eric Blake, 2010/08/02
- Re: [Bug-tar] tar 1.23 Solaris regression, Petr Sumbera, 2010/08/10
- Re: [Bug-tar] tar 1.23 Solaris regression, David Bartley, 2010/08/10
- Re: [Bug-tar] tar 1.23 Solaris regression, Petr Sumbera, 2010/08/10
- Re: [Bug-tar] tar 1.23 Solaris regression, David Bartley, 2010/08/10