Date: Thu, 23 Oct 2014 10:39:26 +1100 From: John Marshall <john.marshall@riverwillow.com.au> To: freebsd-stable@freebsd.org Subject: Re: 10.1-RC1 tar(1) spurious directory traversal permission error Message-ID: <20141022233926.GC4814@rwpc15.gfn.riverwillow.net.au> In-Reply-To: <20141022181845.GB79285@server.rulingia.com> References: <20141020090424.GB1120@rwpc15.gfn.riverwillow.net.au> <op.xn0uy3dxkndu52@ronaldradial.radialsg.local> <20141020101306.GD1120@rwpc15.gfn.riverwillow.net.au> <20141020103617.GE1120@rwpc15.gfn.riverwillow.net.au> <20141022181845.GB79285@server.rulingia.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Thu, 23 Oct 2014, 05:18 +1100, Peter Jeremy wrote: > The directory traversal code in tar(1) in 10.x has changed to use openat(2) > instead of chdir(2). Unfortunately, it appears there's an off-by-one error > when popping back up the directory tree at the end and it winds up doing an > openat(fd, "..", ...) > at a point where fd references the directory specified in the '-C' option to > tar. If that directory (the parent of the one passed to -C) is unreadable > then it reports an error. To reproduce: Thanks, Peter, for the independent confirmation. The scenario of traversal-only access to the parent directory is common in a situation where the directory contains per-user subdirectories, and each user has no business knowing about any subdirectory but his own. The archive generated is fine, the user has full permission to the directory being archived, but tar(1) exits with an error status. I regard this regression as a bug. I have updated Bug 194477. -- John Marshall [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlRIQC4ACgkQw/tAaKKahKJ8pwCglyj3zS4Q9jO9NWBHvIbu6vIp kM0AnjbQ10pRH6L3KWeqAig1MNzS5wS8 =TJYO -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141022233926.GC4814>