Full Disclosure mailing list archives
Re: Re: Linux kernel source archive vulnerable
From: Jurjen Oskam <jurjen () stupendous org>
Date: Fri, 8 Sep 2006 20:30:24 +0200
On Fri, Sep 08, 2006 at 08:17:05PM +0200, Hadmut Danisch wrote:
It may sound funny to consider tar as the wrong tool, but it is.
Don't. Untar. Archives. As. Root. It's that simple. Or are you also going to complain about the fact that there are tar versions out there that don't strip a leading / from the archive? Much fun can be had when you carelessly extract as root, then. -- Jurjen Oskam Savage's Law of Expediency: You want it bad, you'll get it bad. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Linux kernel source archive vulnerable, (continued)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Linux kernel source archive vulnerable Gerald (Jerry) Carter (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Linux kernel source archive vulnerable Gerald (Jerry) Carter (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Linux kernel source archive vulnerable Gerald (Jerry) Carter (Sep 08)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Michael Gale (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Valdis . Kletnieks (Sep 09)
- Re: Linux kernel source archive vulnerable Ron (Sep 24)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Jurjen Oskam (Sep 08)
- tar alternative Tim (Sep 08)
- Re: tar alternative Cristi Mitrana (Sep 08)
- Re: Re: tar alternative Tim (Sep 09)
- Re: Re: tar alternative darren kirby (Sep 09)
- Re: Re: tar alternative Tim (Sep 09)
- Re: tar alternative Aaron Gray (Sep 15)
- Re: tar alternative Tim (Sep 20)
- Re: tar alternative Jon Hart (Sep 20)
- Re: tar alternative Tonnerre Lombard (Sep 20)