Subject: Re: tar ignores filenames that contain `..'
To: NetBSD Packages Technical Discussion List <firstname.lastname@example.org>
From: Frederick Bruckman <email@example.com>
Date: 10/27/2002 18:25:44
On Sun, 27 Oct 2002, Greg A. Woods wrote:
> [ On Saturday, October 26, 2002 at 11:17:32 (-0400), Todd Vierling wrote: ]
> > Subject: Re: tar ignores filenames that contain `..'
> > 2. For each entry being extracted, warn and skip file if any intervening
> > path component is a symlink in the filesystem. (This catches both extant
> > symlinks *and* those created by pax.)
> Hmmm.... I _think_ that's a good idea. However if I'm not mistaken
> implementing it in a truly secure (race-free) way in conjunction with
> 'tar -p' (or 'pax -p [oe]', or 'cpio -i' as root (without -R should it
> be implemented)), at least when the directory was not created fresh from
> the archive and even then unless setting of directory permissions is
> held until the end, without additional kernel support will require some
> extra work...
Considering that the *threat* is of a malicious archive being
downloaded from the internet, what chance is there to exploit a race
condition while the archive is being extracted?