From owner-freebsd-stable@FreeBSD.ORG Wed Oct 22 18:22:14 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9CA564BE for ; Wed, 22 Oct 2014 18:22:14 +0000 (UTC) Received: from vps.rulingia.com (vps.rulingia.com [103.243.244.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps.rulingia.com", Issuer "CAcert Class 3 Root" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4D8E8ECA for ; Wed, 22 Oct 2014 18:22:13 +0000 (UTC) Received: from server.rulingia.com (c220-239-242-83.belrs5.nsw.optusnet.com.au [220.239.242.83]) by vps.rulingia.com (8.14.9/8.14.9) with ESMTP id s9MIIpRg024778 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 23 Oct 2014 05:18:58 +1100 (AEDT) (envelope-from peter@rulingia.com) X-Bogosity: Ham, spamicity=0.000000 Received: from server.rulingia.com (localhost.rulingia.com [127.0.0.1]) by server.rulingia.com (8.14.9/8.14.9) with ESMTP id s9MIIjJg066007 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Thu, 23 Oct 2014 05:18:45 +1100 (EST) (envelope-from peter@server.rulingia.com) Received: (from peter@localhost) by server.rulingia.com (8.14.9/8.14.9/Submit) id s9MIIjEc066006 for freebsd-stable@freebsd.org; Thu, 23 Oct 2014 05:18:45 +1100 (EST) (envelope-from peter) Date: Thu, 23 Oct 2014 05:18:45 +1100 From: Peter Jeremy To: freebsd-stable@freebsd.org Subject: Re: 10.1-RC1 tar(1) spurious directory traversal permission error Message-ID: <20141022181845.GB79285@server.rulingia.com> References: <20141020090424.GB1120@rwpc15.gfn.riverwillow.net.au> <20141020101306.GD1120@rwpc15.gfn.riverwillow.net.au> <20141020103617.GE1120@rwpc15.gfn.riverwillow.net.au> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="BOKacYhQ+x31HxR3" Content-Disposition: inline In-Reply-To: <20141020103617.GE1120@rwpc15.gfn.riverwillow.net.au> X-PGP-Key: http://www.rulingia.com/keys/peter.pgp User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Oct 2014 18:22:14 -0000 --BOKacYhQ+x31HxR3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2014-Oct-20 21:36:17 +1100, John Marshall wrote: >On Mon, 20 Oct 2014, 21:13 +1100, John Marshall wrote: >> On Mon, 20 Oct 2014, 11:22 +0200, Ronald Klop wrote: >> > Maybe the output of 'truss -o /tmp/truss.txt tar -czf dtt.tgz -C =20 >> > /data/tftp/thlan .' gives interesting information about what is exactl= y =20 >> > giving the permission denied. > >> $ truss -o /tmp/truss.txt tar -czf dtt.tgz -C /data/tftp/thlan . >> tar: .: Unable to continue traversing directory tree: Permission denied >> tar: Error exit delayed from previous errors. >> truss: can not get etype: No such process >> $=20 The directory traversal code in tar(1) in 10.x has changed to use openat(2) instead of chdir(2). Unfortunately, it appears there's an off-by-one error when popping back up the directory tree at the end and it winds up doing an openat(fd, "..", ...) at a point where fd references the directory specified in the '-C' option to tar. If that directory (the parent of the one passed to -C) is unreadable then it reports an error. To reproduce: server% cd /tmp server% chmod 755 t1 server% rm -r t1 server% mkdir -p t1/t2/{a,b} server% touch t1/t2/{a,b}/{f1,f2} server% tar -cvf /dev/null -C /tmp/t1/t2 . a . a ./b a ./a a ./a/f1 a ./a/f2 a ./b/f1 a ./b/f2 server% chmod 111 t1 =20 server% tar -cvf /dev/null -C /tmp/t1/t2 . a . a ./b a ./a a ./a/f1 a ./a/f2 a ./b/f1 a ./b/f2 tar: .: Unable to continue traversing directory tree: Permission denied tar: Error exit delayed from previous errors. server%=20 --=20 Peter Jeremy --BOKacYhQ+x31HxR3 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJUR/UFXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFRUIyOTg2QzMwNjcxRTc0RTY1QzIyN0Ux NkE1OTdBMEU0QTIwQjM0AAoJEBall6Dkogs0BB8P/i0c5N522U3LIG2u7ZFhrdOw uKEduPvhpvq51ODWEkE1+jcsdGg5R7mt2efPRyW3SWZmFqojvy+fHiJJ94MXafJU ayjF0JQU1qJB+/7qgYduTo1mjrZ/dLRsT++O5gEqPN7rljzqbBwsuF1UBlU5kvW/ ShgXrJLiAcbR17EPCyZ0y2fYkTFqUMYyApeUTVhu9ZLOHYrQNk4hZqARB5fZ1uZ/ V3lZQaFDxju+sAkva5DjNCOUOu7p6sexNSX9KMuCI8jCQHmxUS5iDWDyl1Z6oo5a 8iKQU8s5NXKxPwuhKubRfcSPuiR0x41E7XdefwQCUNjM3P4WZpsKWa/pfNyZNvAP 8m++fAuORwTT0cvlbbLXYKAWFJhpvLx4m1tndd7gqSzWoZIvqH/MWEz54t0yog/C XYa1+/8HQ7crRc2HlEUh4ZN57DkoTj+07YPYbRAW2JqhqQTWuQhDHv5DqSLyk5iC pHHPuxZ9d0it6lIgrOHON9DyyyDJXg9TDJ5R1Kmy0edl68ty8BfY25OVc+MM4Sct 8x6VhYW7UeRNzVKjcAePQyuR7bMEJqQ1qeeUSExE4xX7queHk6FzH6rj4UpRFTY/ nTVL4fcHXiWC5UVzyo7akW62/44VRSUpdSTo9xDk2izRziTzy6+0qZvdRazZDsxQ hllt4WgivXxCsvaqfUD5 =zXc8 -----END PGP SIGNATURE----- --BOKacYhQ+x31HxR3--