Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Frederick Bruckman (fredb_at_immanent.net)
Date: Sun Oct 27 2002 - 18:25:44 CST
On Sun, 27 Oct 2002, Greg A. Woods wrote:
> [ On Saturday, October 26, 2002 at 11:17:32 (-0400), Todd Vierling wrote: ]
> > Subject: Re: tar ignores filenames that contain `..'
> > 2. For each entry being extracted, warn and skip file if any intervening
> > path component is a symlink in the filesystem. (This catches both extant
> > symlinks *and* those created by pax.)
> Hmmm.... I _think_ that's a good idea. However if I'm not mistaken
> implementing it in a truly secure (race-free) way in conjunction with
> 'tar -p' (or 'pax -p [oe]', or 'cpio -i' as root (without -R should it
> be implemented)), at least when the directory was not created fresh from
> the archive and even then unless setting of directory permissions is
> held until the end, without additional kernel support will require some
> extra work...
Considering that the *threat* is of a malicious archive being
downloaded from the internet, what chance is there to exploit a race
condition while the archive is being extracted?