Subject: Re: tar ignores filenames that contain `..'
To: Todd Vierling <>
From: Frederick Bruckman <>
List: tech-security
Date: 10/23/2002 12:10:54
On Wed, 23 Oct 2002, Todd Vierling wrote:

> On Wed, 23 Oct 2002, Alistair Crooks wrote:
> : And I will jump in and say that it is really pax's problem.  This is
> : because (a) a lot of the distfiles that we use in pkgsrc come with
> : symbolic links with ".." in them,
> Symbolic links whose *content* contains "../" are not the same thing as file
> entries in a tar file whose *filename* contains "../".
> The former should be unconditionally allowed by pax, as the default is to
> unlink before creating; there's no risk of overwriting files outside the
> destination tree, even if a created symlink points outside the destination
> tree.

You know, that makes sense. So what's all the hoopla about? Can
someone who's privy to the pax/tar maintainer's discussion refute that?

It also occurs to me that there are no security implications to
creating archives with symlinks. Calling that a security hole is on
the same level as claiming that the very existence of "tcpdump" is a
security breach.

> The latter should be unconditionally disallowed by pax, as it's beyond bad
> form and is already warned about by GNU tar.