[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] GNU tar directory traversal
- To: virus@xxxxxxxxx
- Subject: Re: [Full-disclosure] GNU tar directory traversal
- From: Siim Põder <windo@xxxxxxxxxxxxxxx>
- Date: Wed, 22 Nov 2006 16:59:57 +0200
Yo!
virus@xxxxxxxxx wrote:
> Siim Põder wrote:
>> So, for example, I make a tar archieve that contains a symlink to
>> 'bla'->'/etc' and 'bla/passwd', that - if opened by root - would
>> overwrite the passwd file.
>
> right from the man page: A confirmation is needed if -w is used.
That has little to do with the actual vulnerability, hasn't it? It's a
possible workaround though, so that's great.
>> Discussing wether root should ever run tar is irrelevant.
> Agreed, the discussion whether root should *run* tar or not is
> irrelevant. One shouldn't *trust* tar files from unknown/untrusted
> sources, root or not.
I specifically said I didn't want to discuss this (or any variants
thereof, which i failed to explicitly bring out) as this has nothing to
do with the vulnerability. I know I shouldn't do it just as you know it
and just as everyone else knows it - no reason for discussion.
Siim Põder
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/