Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Tar extract behaviour changed

In article <>,
Joerg Sonnenberger  <> wrote:
>On Tue, Oct 22, 2019 at 08:00:35PM +0200, Christian Groessler wrote:
>> "tar" had an option to delete files which it is about to extract before
>> extraction. Wouldn't this solve the "symlink" issue at hand? What am I
>> missing?
>See the SECURITY section in the man page. Both -U and -P are ways to
>dealing with this, but with different end result.

Here are two simple patches:

1. Track symlinks that tar created and for them keep the current behavior
   of overwriting them, but extract through pre-existing ones:

   Pros: default behavior
   Cons: adds complexity, have not thought through all the possible scenarios,
	 can slow down things when there are lots of symlinks.

2. Add a flag to just allow symlinks:

   Pros: simple and reduces the attack surface, gets the behavior we had
   Cons: not standard, malicious tars can still do damage.

I am not advocating for either, perhaps we should just add -P to the
extraction and get over it :-)


Home | Main Index | Thread Index | Old Index