Date: Fri, 18 Jun 2010 07:54:17 +1000
From: Sean <sean@gothic.net.au>
To: freebsd-stable@freebsd.org
Subject: Re: [Stable 7] CPIO breakage/
Message-ID: <4C1A9989.3090507@gothic.net.au>
In-Reply-To: <20100617205302.GA60347@server.vk2pj.dyndns.org>
References: <1276639800.2462.80.camel@localhost.localdomain> <1276646707.2462.82.camel@localhost.localdomain> <4C18195A.3020501@delphij.net> <20100617205302.GA60347@server.vk2pj.dyndns.org>
On 18/06/2010 6:53 AM, Peter Jeremy wrote:
> On 2010-Jun-15 17:22:50 -0700, Xin LI <delphij@delphij.net> wrote:
>> On 2010/06/15 17:05, Sean Bruno wrote:
>>> A little more background. It looks like symlinks are getting stripped
>>> of their '/' which sucks. Ideas?
> ...
>>> e.g. /home/foo/bar -> /opt/baz/blob
>>>
>>> becomes
>>>
>>> home/foo/bar -> opt/baz/blob
>>>
>>> Yuck.
>>
>> This is a security measurement I think.
>
> Can someone please explain how stripping a leading '/' off the
> destination of a symlink enhances security? The destination is
> not being written to.
>

Easy.
Create a symlink etc, to /etc
Create a file etc/passwd containing whatever you want.

Of course, a better way to deal with that is to chroot, seeing you could probably use ../../../../../../../../../../../../.../../../../etc instead of /etc and get the same effect, and I don't know that tar tries to prevent that; tar has the --chroot option.

>> --absolute-filenames disables this behavior.
>
> This definitely reduces security and would seem to be far more
> dangerous than being able to create symlinks to absolute pathnames.
>

--
Sean Winn
sean@gothic.net.au
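The thread turns on two points: a symlink member whose target leaves the extraction directory lets a later member in the same archive be written outside it, and stripping a leading '/' only blocks the absolute-target form of that, not a target built from '..' components. The following Python audit is an added example, not code from the thread or from cpio, and the archive it inspects is constructed inline. It builds a small tar in memory, then reports for each symlink member what cpio-style slash stripping would leave behind and whether a check that actually resolves the target against the extraction root would reject it. Member names, link targets and the extraction-root model are assumptions made for the example.

```python
"""Pre-extraction audit of symlink targets in a tar archive (added example)."""
import io
import posixpath
import tarfile

# Constructed sample archive: (member name, kind, symlink target or file body).
# The first two symlinks mirror the cases discussed on the list: an absolute
# target and an equivalent built from '..' components. The third is a benign
# relative link that stays inside the extraction directory.
SAMPLE_ENTRIES = [
    ("etc", "symlink", "/etc"),
    ("lib", "symlink", "../../../../../../etc"),
    ("docs/current", "symlink", "../docs-1.0"),
    ("etc/passwd", "file", "root:x:0:0::/root:/bin/sh\n"),
]


def build_archive(entries):
    """Write the constructed entries into an uncompressed tar held in memory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, kind, value in entries:
            info = tarfile.TarInfo(name)
            if kind == "symlink":
                info.type = tarfile.SYMTYPE
                info.linkname = value
                tf.addfile(info)
            else:
                payload = value.encode()
                info.size = len(payload)
                tf.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def symlink_escapes(link_name, target):
    """True if a symlink created at link_name (a path relative to the
    extraction root) would point outside that root.

    Absolute targets escape by definition. Relative targets are resolved
    from the link's own directory and normalized; anything that still
    begins with '..' after normalization climbs above the root.
    """
    if posixpath.isabs(target):
        return True
    resolved = posixpath.normpath(posixpath.join(posixpath.dirname(link_name), target))
    return resolved == ".." or resolved.startswith("../")


def audit(archive_bytes):
    """Return, per symlink member, how the two policies treat its target.

    'after_strip'          - the target cpio-style leading-'/' removal leaves
    'strip_still_escapes'  - whether that stripped target still leaves the root
    'strict_rejects'       - whether resolving the original target rejects it
    """
    report = {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:") as tf:
        for member in tf.getmembers():
            if not member.issym():
                continue
            stripped = member.linkname.lstrip("/")
            report[member.name] = {
                "target": member.linkname,
                "after_strip": stripped,
                "strip_still_escapes": symlink_escapes(member.name, stripped),
                "strict_rejects": symlink_escapes(member.name, member.linkname),
            }
    return report


if __name__ == "__main__":
    for name, verdict in audit(build_archive(SAMPLE_ENTRIES)).items():
        print(f"{name:14s} -> {verdict['target']:28s} "
              f"stripped to {verdict['after_strip']!r:30s} "
              f"still escapes after strip: {verdict['strip_still_escapes']!s:5s} "
              f"strict check rejects: {verdict['strict_rejects']}")
```

Run as a script it prints one line per symlink. For `etc -> /etc`, stripping yields the self-referential `etc -> etc`, so the escape is neutralized, which is the defence the original poster questions. For `lib -> ../../../../../../etc` stripping changes nothing and the link still leaves the root, which is the weakness Sean points out; only the resolving check catches both. The audit is a read-only pass over member metadata and does not replace extracting under a chroot or a dedicated unprivileged directory: it cannot see links that already exist on disk, and it does not model a member overwriting an earlier benign symlink. Recent CPython (3.12 and later) ships a comparable policy as the `filter='data'` argument to `TarFile.extractall`, which rejects absolute and escaping symlink targets before any file is written.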