[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Tar extract behaviour changed
In article <20191022200319.GA83891%bec.de@localhost>,
Joerg Sonnenberger <joerg%bec.de@localhost> wrote:
>On Tue, Oct 22, 2019 at 08:00:35PM +0200, Christian Groessler wrote:
>> "tar" had an option to delete files which it is about to extract before
>> extraction. Wouldn't this solve the "symlink" issue at hand? What am I
>See the SECURITY section in the man page. Both -U and -P are ways to
>dealing with this, but with different end result.
Here are two simple patches:
1. Track symlinks that tar created and for them keep the current behavior
of overwriting them, but extract through pre-existing ones:
Pros: default behavior
Cons: adds complexity, have not thought through all the possible scenarios,
can slow down things when there are lots of symlinks.
2. Add a flag to just allow symlinks:
Pros: simple and reduces the attack surface, gets the behavior we had
Cons: not standard, malicious tars can still do damage.
I am not advocating for either, perhaps we should just add -P to the
extraction and get over it :-)
Main Index |
Thread Index |