bug-gnu-utils

GNU tar + hard link bug; possible security issue!


From: Dan Egnor
Subject: GNU tar + hard link bug; possible security issue!
Date: Sat, 19 May 2001 23:34:10 -0700
User-agent: Mutt/1.2.5i

This is demonstrated best by example.

rm -rf /tmp/foo /tmp/bar /tmp/tmp # be careful
touch /tmp/foo
ln /tmp/foo /tmp/bar
tar -cf- /tmp/foo /tmp/bar | tar -C /tmp -xf-
ls -l /tmp/tmp

You will find that /tmp/tmp/bar is linked to /tmp/foo (and /tmp/bar), but
that /tmp/tmp/foo is linked to nothing.  This is because leading slashes
("crud" in the parlance of the code) are removed from filenames when
extracting, but *not* removed from link names.

This could even be a security problem, since 'tar' will create files which
could be linked to system files; the user might (reasonably) assume otherwise,
even for untrusted tarballs.

Dan
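
An added example, not part of the message above or of GNU tar: a Python check that lists a tarball's hard-link entries before extraction and flags link names that are absolute, climb out of the extraction directory, or do not refer to an earlier member. The sample archive and the function names (build_sample, audit_hardlinks) are constructed for illustration.

```python
import io
import posixpath
import tarfile


def build_sample() -> bytes:
    """Constructed archive: one file plus hard-link entries with differing link names."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tf:
        tf.addfile(tarfile.TarInfo("tmp/foo"))  # empty regular file
        for name, target in [("tmp/bar", "/tmp/foo"),      # leading slash kept
                             ("tmp/baz", "tmp/foo"),       # refers to the member above
                             ("tmp/qux", "../outside")]:   # climbs out of the tree
            link = tarfile.TarInfo(name)
            link.type = tarfile.LNKTYPE
            link.linkname = target
            tf.addfile(link)
    return buf.getvalue()


def audit_hardlinks(data: bytes) -> list[tuple[str, str, str]]:
    """Return (member, link name, reason) for each hard link that points outside the archive."""
    findings = []
    seen = set()  # normalized names of members read so far
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
        for m in tf:
            if m.islnk():
                norm = posixpath.normpath(m.linkname)
                if m.linkname.startswith("/"):
                    reason = "absolute link name"
                elif norm == ".." or norm.startswith("../"):
                    reason = "link name leaves the extraction directory"
                elif norm not in seen:
                    reason = "link target is not an earlier member"
                else:
                    reason = None
                if reason:
                    findings.append((m.name, m.linkname, reason))
            seen.add(posixpath.normpath(m.name))
    return findings


if __name__ == "__main__":
    for member, target, reason in audit_hardlinks(build_sample()):
        print(f"{member} -> {target}: {reason}")
```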


