Date: Wed, 8 Oct 2014 19:48:52 -0500 From: Jason Hellenthal <jhellenthal@dataix.net> To: Daniel Braniss <danny@cs.huji.ac.il> Cc: "hackers@freebsd.org" <hackers@freebsd.org>, Ian Lepore <ian@FreeBSD.org> Subject: Re: tar and / Message-ID: <221B7CFC-4AE2-4DAF-9E6E-565715B87172@dataix.net> In-Reply-To: <EF765340-81BE-4461-8DF4-5CAC4F5DDCD7@cs.huji.ac.il> References: <ED20B859-CDFF-4205-B7A9-A1A86AAAE1D9@cs.huji.ac.il> <FD9D0411-6043-4AAD-8EE4-6277EFBB0900@dataix.net> <EF765340-81BE-4461-8DF4-5CAC4F5DDCD7@cs.huji.ac.il>
next in thread | previous in thread | raw e-mail | index | archive | help
Damn! I thought we were past this issue long ago using relative paths instea=
d absolute paths. Wonder what ever happened to that standard of safety. Unle=
ss I am mistaking one thing for another.
Symbolic links obviously should not be starting with "/".=20
Hard links on the other hand should be broken once inside a tar file and no l=
onger referencing a previous inode. So if I understand this correctly this i=
s what you are seeing ?
On another note from this ... I was by aware hard links could be created to a=
nything but files ... ? So I'm confused here ?
--=20
Jason Hellenthal
Mobile: +1 (616) 953-0176
jhellenthal@DataIX.net
JJH48-ARIN
On Oct 8, 2014, at 01:24, Daniel Braniss <danny@cs.huji.ac.il> wrote:
A facts that I did not mention:
the tar file is created by ports when requesting =E2=80=98package=E2=80=99=
, it now adds
/usr/local
making extraction difficult for those that use nfs/amd for /usr/local
(the solution is to extract the files in /var/tmp, and re-taring without the=
/usr/local :-)
to my surprise, even though tar complains that it can=E2=80=99t do the link t=
o /
it actually does the link!!
notice that I mentioned =E2=80=98link', not symlink! which of course brings t=
he question why some ports insist
on link, and not symlink is beyond me.
thanks
danny
> On Oct 7, 2014, at 5:35 PM, Jason Hellenthal <jhellenthal@dataix.net> wrot=
e:
>=20
> =46rom tar(1)
>=20
> o Archive entries can exploit symbolic links to restore files to o=
ther directories.
> An archive can restore a symbolic link to another directory, th=
en use that link to
> restore a file into that directory. To guard against this, tar=
checks each
> extracted path for symlinks. If the final path element is a sy=
mlink, it will be
> removed and replaced with the archive entry. If -U is specifie=
d, any intermediate
> symlink will also be unconditionally removed. If neither -U no=
r -P is specified,
> tar will refuse to extract the entry.
>=20
> With that stated you might want to roll through your filesystem with symli=
nks(1) [sysutils/symlinks]. Use of this to shorten, remove dangling etc..
>=20
> DESCRIPTION
> symlinks is a useful utility for maintainers of FTP sites, CDROMs, a=
nd
> Linux software distributions. It scans directories for symbolic lin=
ks
> and lists them on stdout, often revealing flaws in the filesystem tre=
e.
>=20
> Each link is output with a classification of relative, absolute, da=
n-
> gling, messy, lengthy, or other_fs.
>=20
> relative links are those expressed as paths relative to the directo=
ry
> in which the links reside, usually independent of the mount point o=
f
> the filesystem.
>=20
> absolute links are those given as an absolute path from the root dire=
c-
> tory as indicated by a leading slash (/).
>=20
> dangling links are those for which the target of the link does not cu=
r-
> rently exist. This commonly occurs for absolute links when a filesy=
s-
> tem is mounted at other than its customary mount point (such as wh=
en
> the normal root filesystem is mounted at /mnt after booting from alte=
r-
> native media).
>=20
> messy links are links which contain unnecessary slashes or dots in t=
he
> path. These are cleaned up as well when -c is specified.
>=20
> lengthy links are links which use "../" more than necessary in the pa=
th
> (eg. /bin/vi -> ../bin/vim) These are only detected when -s is spec=
i-
> fied, and are only cleaned up when -c is also specified.
>=20
> other_fs are those links whose target currently resides on a differe=
nt
> filesystem from where symlinks was run (most useful with -r ).
>=20
> Hope this helps.
>=20
>> On Oct 7, 2014, at 1:44, Daniel Braniss <danny@cs.huji.ac.il> wrote:
>>=20
>> hi,Ian Lepore <ian@FreeBSD.org>
>> for security reasons tar removes the leading /, which is fine.
>> so I can chadir to /var/tmp, and do an extract there. The problem arises w=
hen there
>> is a file that is linked to /=E2=80=A6
>> Is there some way to drop that leading =E2=80=98/=E2=80=98 too?
>>=20
>> cheers,
>>=20
>> _______________________________________________
>> freebsd-hackers@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org=
"
>=20
> --=20
> Jason Hellenthal
> Mobile: +1 (616) 953-0176
> jhellenthal@DataIX.net
> JJH48-ARIN
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?221B7CFC-4AE2-4DAF-9E6E-565715B87172>