Subject: Re: tar ignores filenames that contain `..'
To: NetBSD Packages Technical Discussion List <>
From: Frederick Bruckman <>
List: tech-security
Date: 10/27/2002 18:25:44
On Sun, 27 Oct 2002, Greg A. Woods wrote:

> [ On Saturday, October 26, 2002 at 11:17:32 (-0400), Todd Vierling wrote: ]
> > Subject: Re: tar ignores filenames that contain `..'
> >
> > 2. For each entry being extracted, warn and skip file if any intervening
> >    path component is a symlink in the filesystem.  (This catches both extant
> >    symlinks *and* those created by pax.)
> Hmmm.... I _think_ that's a good idea.  However if I'm not mistaken
> implementing it in a truly secure (race-free) way in conjunction with
> 'tar -p' (or 'pax -p [oe]', or 'cpio -i' as root (without -R should it
> be implemented)), at least when the directory was not created fresh from
> the archive and even then unless setting of directory permissions is
> held until the end, without additional kernel support will require some
> extra work...

Considering that the *threat* is of a malicious archive being
downloaded from the internet, what chance is there to exploit a race
condition while the archive is being extracted?