Re: bin/54467: new tar overwrites symlinks to directories

To: gnats-bugs%netbsd.org@localhost
Subject: Re: bin/54467: new tar overwrites symlinks to directories
From: Christos Zoulas <christos%zoulas.com@localhost>
Date: Sun, 18 Aug 2019 18:27:58 +0300

Looking at -P on bsdtar.c:

/* A basic set of security flags to request from libarchive. */
#define SECURITY                                        \ 
        (ARCHIVE_EXTRACT_SECURE_SYMLINKS                \
         | ARCHIVE_EXTRACT_SECURE_NODOTDOT)

.....
#if 0
                /*
                 * The common BSD -P option is not necessary, since
                 * our default is to archive symlinks, not follow
                 * them.  This is convenient, as -P conflicts with GNU
                 * tar anyway.
                 */
                case 'P': /* BSD convention */
                        /* Default behavior, no option necessary. */
                        break;
#endif
                case 'P': /* GNU tar */
                        bsdtar->extract_flags &= ~SECURITY;
                        bsdtar->flags |= OPTFLAG_ABSOLUTE_PATHS;
                        break;


So I guess -P does what we want and unfortunately more. I'd rather it
just disabled ARCHIVE_EXTRACT_SECURE_SYMLINKS... We could
add a long option that did exactly want we wanted I guess:
--security=-extract-secure-symlinks

christos

References:
- Re: bin/54467: new tar overwrites symlinks to directories
  - From: Martin Husemann

Prev by Date: Re: install/54480: sysinst attempts to mount wrong disk
Next by Date: Re: bin/54467: new tar overwrites symlinks to directories
Previous by Thread: Re: bin/54467: new tar overwrites symlinks to directories
Next by Thread: Re: bin/54467: new tar overwrites symlinks to directories
Indexes:

Home | Main Index | Thread Index | Old Index