Date: Tue, 3 Oct 2000 12:55:07 +0100 (BST) From: jez@netcraft.com (Jeremy Prior) To: FreeBSD-gnats-submit@freebsd.org Subject: bin/21725: mtree + symlinks == DoS Message-ID: <200010031155.e93Bt7V00813@chagford.netcraft.com>
next in thread | raw e-mail | index | archive | help
>Number: 21725
>Category: bin
>Synopsis: mtree follows symlinks!
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Oct 03 05:00:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Jeremy Prior <jez@netcraft.com>
>Release: FreeBSD 4.1-STABLE i386
>Organization:
Netcraft Ltd
>Environment:
Bog-standard FreeBSD 4.1-STABLE installation
>Description:
Why, oh why does mtree(8) follow symlinks?
>How-To-Repeat:
% mkdir test ; cd test
% ln -s / foo
% mtree -c
>Fix:
Here's a patch that adds -P and -L switches to mtree - cribbed
from du(1). -P prevents mtree from following symlinks, but I've
left the default as -L.
I see no point in adding the -H, as mtree does a chdir to the
named directory, but this could be added easily.
Finally, this patch seems to fix problem report bin/21017 as well,
making the link itself part of the report, rather than what its
pointing at.
-- CUT HERE --
cvs diff: Diffing .
Index: mtree.8
===================================================================
RCS file: /usr/cvs/src/usr.sbin/mtree/mtree.8,v
retrieving revision 1.16.2.3
diff -u -r1.16.2.3 mtree.8
--- mtree.8 2000/06/30 09:54:06 1.16.2.3
+++ mtree.8 2000/10/02 17:01:14
@@ -40,7 +40,7 @@
.Nd map a directory hierarchy
.Sh SYNOPSIS
.Nm mtree
-.Op Fl cdeinrUux
+.Op Fl cdeiLnPrUux
.Op Fl f Ar spec
.Op Fl K Ar keywords
.Op Fl k Ar keywords
@@ -85,6 +85,8 @@
Use the ``type'' keyword plus the specified (whitespace or comma separated)
.Ar keywords
instead of the current set of keywords.
+.It Fl L
+Symbolic links in file hierarchies are followed (default).
.It Fl n
Do not emit pathname comments when creating a specification. Normally
a comment is emitted before each directory and before the close of that
@@ -95,6 +97,8 @@
Use the file hierarchy rooted in
.Ar path ,
instead of the current directory.
+.It Fl P
+No symbolic links are followed.
.It Fl r
Remove any files in the file hierarchy that are not described in the
specification.
Index: mtree.c
===================================================================
RCS file: /usr/cvs/src/usr.sbin/mtree/mtree.c,v
retrieving revision 1.8.2.1
diff -u -r1.8.2.1 mtree.c
--- mtree.c 2000/05/15 20:49:59 1.8.2.1
+++ mtree.c 2000/10/02 16:59:18
@@ -57,8 +57,9 @@
extern long int crc_total;
-int ftsoptions = FTS_LOGICAL;
+int ftsoptions = 0;
int cflag, dflag, eflag, iflag, nflag, rflag, sflag, uflag, Uflag;
+int Lflag, Pflag;
u_int keys;
char fullpath[MAXPATHLEN];
@@ -77,7 +78,7 @@
keys = KEYDEFAULT;
init_excludes();
- while ((ch = getopt(argc, argv, "cdef:iK:k:np:rs:UuxX:")) != -1)
+ while ((ch = getopt(argc, argv, "cdef:iK:k:Lnp:Prs:UuxX:")) != -1)
switch((char)ch) {
case 'c':
cflag = 1;
@@ -106,12 +107,22 @@
if (*p != '\0')
keys |= parsekey(p, NULL);
break;
+ case 'L':
+ if (Pflag)
+ usage();
+ Lflag = 1;
+ break;
case 'n':
nflag = 1;
break;
case 'p':
dir = optarg;
break;
+ case 'P':
+ if (Lflag)
+ usage();
+ Pflag = 1;
+ break;
case 'r':
rflag = 1;
break;
@@ -143,6 +154,18 @@
if (argc)
usage();
+ if (Lflag + Pflag > 1)
+ usage();
+
+ if (Lflag + Pflag == 0)
+ Lflag = 1; /* -L (follow symlinks) default */
+
+ if (Lflag)
+ ftsoptions |= FTS_LOGICAL;
+
+ if (Pflag)
+ ftsoptions |= FTS_PHYSICAL;
+
if (dir && chdir(dir))
err(1, "%s", dir);
@@ -163,7 +186,7 @@
usage()
{
(void)fprintf(stderr,
-"usage: mtree [-cdeinrUux] [-f spec] [-K key] [-k key] [-p path] [-s seed]\n"
+"usage: mtree [-cdeiLnPrUux] [-f spec] [-K key] [-k key] [-p path] [-s seed]\n"
"\t[-X excludes]\n");
exit(1);
}
-- CUT HERE --
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010031155.e93Bt7V00813>