Full Disclosure mailing list archives
Re: GNU tar directory traversal
From: Siim Põder <windo () p6drad-teel net>
Date: Wed, 22 Nov 2006 16:59:57 +0200
Yo! virus () nolog org wrote:
Siim Põder wrote:So, for example, I make a tar archieve that contains a symlink to 'bla'->'/etc' and 'bla/passwd', that - if opened by root - would overwrite the passwd file.right from the man page: A confirmation is needed if -w is used.
That has little to do with the actual vulnerability, hasn't it? It's a possible workaround though, so that's great.
Discussing wether root should ever run tar is irrelevant.Agreed, the discussion whether root should *run* tar or not is irrelevant. One shouldn't *trust* tar files from unknown/untrusted sources, root or not.
I specifically said I didn't want to discuss this (or any variants thereof, which i failed to explicitly bring out) as this has nothing to do with the vulnerability. I know I shouldn't do it just as you know it and just as everyone else knows it - no reason for discussion. Siim Põder _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- GNU tar directory traversal Teemu Salmela (Nov 21)
- <Possible follow-ups>
- Re: GNU tar directory traversal Jeb Osama (Nov 21)
- Re: GNU tar directory traversal Gouki (Nov 21)
- Re: GNU tar directory traversal Teemu Salmela (Nov 22)
- Re: GNU tar directory traversal Siim Põder (Nov 22)
- Re: GNU tar directory traversal Teemu Salmela (Nov 22)
- Re: GNU tar directory traversal virus (Nov 22)
- Re: GNU tar directory traversal Siim Põder (Nov 22)
- Re: GNU tar directory traversal virus (Nov 22)
- Re: GNU tar directory traversal Siim Põder (Nov 22)
- Re: GNU tar directory traversal virus (Nov 23)
- Re: GNU tar directory traversal virus (Nov 23)