oss-sec mailing list archives

Re: Directory traversal in sharutils/uudecode and python uu module


From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 24 Jan 2023 15:09:08 -0800

On 12/21/22 10:42, Hanno Böck wrote:
If one can convince someone with root privileges to decode such a file
this may thus compromise a system.

Fortunately, the easiest exploit path was mostly removed decades ago:
https://exchange.xforce.ibmcloud.com/vulnerabilities/126

I got a reply confirming the report from the sharutils developers,
pointing out that this can be interpreted as expected behavior
according to the posix standard. I don't expect a fix any time soon,
their latest release is from 2015.

I started a discussion on the Austin Group mailing list to see if the
standard should be updated, but the argument has mostly leaned towards
"users should either use -o to specify output or look at files before
 uudecoding them" (along with suggestions to drop these utilities from
the standard now in favor of base64 encoding utilities).

--
        -Alan Coopersmith-                 alan.coopersmith () oracle com
         Oracle Solaris Engineering - https://blogs.oracle.com/solaris
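Added example, not from this thread or from sharutils: a small Python decoder that does the "look at files before uudecoding them" check in code by parsing the `begin` line, refusing any name that is not a plain file name, and always writing into a caller-chosen directory (the same effect as `-o`). The `uuencode` helper only constructs the sample inputs; `binascii` is used instead of the deprecated `uu` module.

```python
import binascii
import os
import tempfile

def uuencode(name: str, payload: bytes, mode: int = 0o644) -> bytes:
    # Build a uuencoded message; used here only to construct test samples.
    lines = [f"begin {mode:o} {name}\n".encode()]
    for i in range(0, len(payload), 45):
        lines.append(binascii.b2a_uu(payload[i:i + 45]))
    lines.append(b"`\nend\n")
    return b"".join(lines)

def uu_header(data: bytes):
    """Return (line index, mode, name) parsed from the 'begin' line."""
    for i, line in enumerate(data.splitlines()):
        if line.startswith(b"begin "):
            parts = line.split(b" ", 2)
            if len(parts) != 3:
                raise ValueError("malformed begin line")
            return i, int(parts[1], 8), parts[2].decode("utf-8", "replace")
    raise ValueError("no begin line found")

def is_safe_name(name: str) -> bool:
    """Accept only a plain file name: no separators, no '.'/'..', no NUL."""
    return bool(name) and name not in (".", "..") and not any(
        c in name for c in "/\\\0")

def decode_uu(data: bytes, out_dir: str) -> str:
    """Decode into out_dir; raise instead of following a traversal name."""
    idx, mode, name = uu_header(data)
    if not is_safe_name(name):
        raise ValueError(f"refusing unsafe name in begin line: {name!r}")
    body = bytearray()
    for line in filter(None, data.splitlines()[idx + 1:]):
        if line == b"end":
            break
        body += binascii.a2b_uu(line)
    out = os.path.join(out_dir, name)
    with open(out, "wb") as fh:
        fh.write(body)
    os.chmod(out, mode & 0o777)  # drop setuid/setgid/sticky from header mode
    return out

def demo():
    # Constructed samples: one benign name and two names that would escape.
    with tempfile.TemporaryDirectory() as d:
        good = decode_uu(uuencode("hello.txt", b"hello\n" * 20), d)
        content = open(good, "rb").read()
        rejected = []
        for bad in ("../escape.txt", "/tmp/escape.txt"):
            try:
                decode_uu(uuencode(bad, b"x"), d)
            except ValueError:
                rejected.append(bad)
    return content, rejected
```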