[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Numbers Ownership after tarring



On Fri, Apr 15, 2005 at 12:54:51PM +0900, Mark Sargent wrote:
> yes, of course, but, it's handy to have the option. Example, when 
> downloading/installing phpmyadmin, I had to cp the tar.gz to 
> /var/www/html, cd into the html dir, extract, then rm the tar.gz. Much 
> faster to just tar with the options --directory= and --no-same-name and 
> then it's just a matter of cd'ing into the new directory..cheers.

But much more dangerous. See this, for example:
<http://rhn.redhat.com/errata/RHSA-2002-096.html>

  A directory traversal vulnerability in unzip version 5.42 and earlier,
  as well as GNU tar 1.13.19 and earlier, allows attackers to overwrite
  arbitrary files during archive extraction via a ".." (dot dot) in an
  extracted filename. The Common Vulnerabilities and Exposures project
  (cve.mitre.org) has assigned the name CAN-2001-1267 and CAN-2001-1268 to
  this issue. 

That was several years ago, but there could be other such problems. You're
untarring in /var/www/html, and oops, the archive contains
../../../etc/passwd....

-- 
Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]