From owner-freebsd-ports Mon Jun 25 7:38:14 2001
Delivered-To: freebsd-ports@freebsd.org
Received: from adm.sci-nnov.ru (adm.sci-nnov.ru [195.122.226.2]) by hub.freebsd.org (Postfix) with ESMTP id 6C14B37B40A; Mon, 25 Jun 2001 07:38:10 -0700 (PDT) (envelope-from 3APA3A@SECURITY.NNOV.RU)
Received: from anonymous.sandy.ru (anonymous.sandy.ru [195.122.226.40]) by adm.sci-nnov.ru (8.9.3/Dmiter-4.1-AGK-0.5) with ESMTP id SAA32956; Mon, 25 Jun 2001 18:36:06 +0400 (MSD)
Date: Mon, 25 Jun 2001 18:36:06 +0400
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
X-Mailer: The Bat! (v1.51)
Reply-To: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Organization: http://www.security.nnov.ru
X-Priority: 3 (Normal)
Message-ID: <62107132848.20010625183606@SECURITY.NNOV.RU>
To: roshal@rarsoft.com
Cc: ache@FreeBSD.org, ports@FreeBSD.ORG
Subject: rar bsd unsafe permissions
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

Hello roshal,

If a default rar archive is extracted with `rar x`, all files are created with 0777 permissions. It's not good.

The latest available version is 2.02. rar 2.0b has a directory traversal bug: it allows one to create a 'trojaned' archive which will place executable files anywhere the creator of the archive wants. This bug is patched in 2.02, but I found no information on this in the release notes/change log.

In conjunction, these 2 small problems create a _very huge_ problem for rar users.

--
http://www.security.nnov.ru
         /\_/\
        { . . }     |\
+--oQQo->{ ^ }<-----+ \
|  3APA3A  U  3APA3A   }
+-------------o66o--+ /
                    |/
You know my name - look up my number (The Beatles)

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
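The two problems in the mail above combine because an extractor trusts the archive's member names (so `..` or an absolute path walks out of the destination) and writes whatever mode the archive claims without applying the umask. The following is an added example, not code from 3APA3A, RARLAB or the FreeBSD port: it vets a constructed (hypothetical, not real `rar l` output) archive listing before extraction, rejecting any entry that would land outside the destination directory and clamping the stored mode with a umask so a stored 0777 comes out as 0755. Names, modes and the destination path are all assumptions made up for the demonstration.

```python
import os
import posixpath
import stat

# Constructed sample listing of (member name, stored mode). This stands in
# for what an archive header claims; it is NOT real `rar l` output, and
# every name here is hypothetical.
SAMPLE_ENTRIES = [
    ("docs/readme.txt", 0o777),
    ("bin/helper", 0o777),
    ("logs/./old/../today.log", 0o666),        # normalizes to logs/today.log
    ("../../../home/victim/.profile", 0o777),  # climbs out of the destination
    ("/etc/cron.d/evil", 0o777),               # absolute path
    ("stuff/..\\..\\evil.sh", 0o777),          # backslash separators, same trick
]


def resolve_member(dest, name):
    """Return the absolute path `name` would be written to under `dest`,
    or None if the entry would land outside `dest` (directory traversal)."""
    dest_abs = os.path.abspath(dest)
    # Archive names may use either separator; normalize them as POSIX paths.
    norm = posixpath.normpath(name.replace("\\", "/"))
    if norm.startswith("/") or norm == ".." or norm.startswith("../"):
        return None
    target = os.path.abspath(os.path.join(dest_abs, norm))
    # Second check on the resolved path: it must still be inside dest.
    if os.path.commonpath([dest_abs, target]) != dest_abs:
        return None
    return target


def clamp_mode(mode, umask=0o022):
    """Apply the umask the extractor should have honoured and drop any
    setuid/setgid/sticky bits, so a stored 0777 becomes 0755."""
    return mode & 0o777 & ~umask


def plan_extraction(entries, dest, umask=0o022):
    """Vet a listing before extraction. Returns (planned, rejected):
    planned is a list of (target_path, mode) safe to write under dest,
    rejected is the list of member names that tried to escape dest."""
    planned, rejected = [], []
    for name, mode in entries:
        target = resolve_member(dest, name)
        if target is None:
            rejected.append(name)
            continue
        planned.append((target, clamp_mode(mode, umask)))
    return planned, rejected


def world_writable(mode):
    """True if any user on the system may modify the file (the 0777 complaint)."""
    return bool(mode & stat.S_IWOTH)


if __name__ == "__main__":
    planned, rejected = plan_extraction(SAMPLE_ENTRIES, "/tmp/extract")
    for name in rejected:
        print("REJECT (traversal): %s" % name)
    for target, mode in planned:
        flag = " (still world-writable!)" if world_writable(mode) else ""
        print("%s -> %o%s" % (target, mode, flag))
```

The traversal check normalizes first and then re-verifies the resolved path against the destination, because a single string test on `..` misses tricks such as `a/../../b` that only escape after normalization. The mode clamp deliberately discards the archive's permission bits above 0777, since a file that arrives both setuid and outside the extraction directory is exactly the combination the mail warns about.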