Re: bin/54467: new tar overwrites symlinks to directories

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,martin%NetBSD.org@localhost
Subject: Re: bin/54467: new tar overwrites symlinks to directories
From: Christos Zoulas <christos%zoulas.com@localhost>
Date: Sun, 18 Aug 2019 16:15:01 +0000 (UTC)

The following reply was made to PR bin/54467; it has been noted by GNATS.

From: Christos Zoulas <christos%zoulas.com@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: gnats-admin%netbsd.org@localhost,
 netbsd-bugs%netbsd.org@localhost,
 "martin%netbsd.org@localhost" <martin%NetBSD.org@localhost>
Subject: Re: bin/54467: new tar overwrites symlinks to directories
Date: Sun, 18 Aug 2019 19:12:59 +0300

 >=20
 > If you allow symlinks tricks, you can just allow absolute path names
 > too. It really doesn't make any difference as attack vector.

 I am not talking about an attack vector, I am just saying that the =
 behavior
 of extracting a tar archive having absolute symlinks in it, will change =
 with -P...
 I do understand the ramifications of allowing symlinks, I just want to =
 replicate
 the behavior of our current tar.

 christos

Prev by Date: Re: bin/54467: new tar overwrites symlinks to directories
Next by Date: NetBSD Nightly Trouble Ticket Report
Previous by Thread: Re: bin/54467: new tar overwrites symlinks to directories
Next by Thread: Re: bin/54467: new tar overwrites symlinks to directories
Indexes:

Home | Main Index | Thread Index | Old Index