Date: Tue, 1 Oct 2002 15:21:58 -0700 (PDT)
From: "f.johan.beisser" <jan@caustic.org>
To: Brett Glass <brett@lariat.org>
Cc: security@FreeBSD.ORG
Subject: tar/security best practice (was Re: RE: Is FreeBSD's tar susceptible to this?)
Message-ID: <20021001151050.F67581-100000@pogo.caustic.org>
In-Reply-To: <4.3.2.7.2.20021001160301.034597f0@localhost>
On Tue, 1 Oct 2002, Brett Glass wrote:

> In the meantime, though, is there a chance that a fix for the vulnerability
> can be slipped into 4.7 prior to release? I'd hate to be exploding a
> tarball, as root, and discover that it had upreferenced to the top of
> the directory tree and installed something nasty. (If such an
> exploit were to hit /etc/crontab, it could run arbitrary code in a
> minute or less -- probably before the admin could react.)

If you're untarring something, shouldn't you review what you're looking at
first anyway? Even if the vulnerability exists, it doesn't make it easy to
exploit - if you review what you're untarring before doing it as root.

Best practice is to continue to not untar things as root until you've
reviewed the contents of your file. You can't control what anyone else puts
into the file anyway.

-------/ f. johan beisser /--------------------------------------+
 http://caustic.org/~jan                         jan@caustic.org
"John Ashcroft is really just the reanimated corpse of J. Edgar Hoover."
                                                       -- Tim Triche
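The review step the reply recommends, as an added example that is not part of the original thread: a small sh/awk filter over a `tar -tvf` listing that flags members whose path is absolute or climbs above the extraction directory, and symlinks whose target escapes the tree. It assumes the common listing layout (name is the last field, symlinks shown as `name -> target`); the sample listing in the test is constructed, and hard-link targets are not inspected.

```shell
#!/bin/sh
# Added example (not from the thread): audit a tar listing before extracting as root.
# usage: tar -tvf archive.tar | audit_tar_listing
# Prints one line per unsafe member; exit status 1 if anything was flagged.
audit_tar_listing() {
    awk '
    # escapes(p, start): 1 if path p is absolute, or if walking its components
    # from a starting depth of "start" ever rises above the extraction root.
    function escapes(p, start,   n, i, parts, depth) {
        if (p ~ /^\//) return 1
        depth = start
        n = split(p, parts, "/")
        for (i = 1; i <= n; i++) {
            if (parts[i] == "..") { if (--depth < 0) return 1 }
            else if (parts[i] != "" && parts[i] != ".") depth++
        }
        return 0
    }
    # dirdepth(p): number of directory components above the final path element;
    # a relative symlink target is resolved from the link''s own directory.
    function dirdepth(p,   n, i, parts, d) {
        n = split(p, parts, "/"); d = 0
        for (i = 1; i < n; i++) if (parts[i] != "" && parts[i] != ".") d++
        return d
    }
    {
        line = $0; target = ""
        if (match(line, / -> /)) {            # symlink entry: "name -> target"
            target = substr(line, RSTART + 4)
            line = substr(line, 1, RSTART - 1)
        }
        n = split(line, f, " ")
        name = f[n]                           # member name is the last field
        if (escapes(name, 0)) {
            print "UNSAFE path: " name; bad = 1
        } else if (target != "" && escapes(target, dirdepth(name))) {
            print "UNSAFE symlink: " name " -> " target; bad = 1
        }
    }
    END { exit bad ? 1 : 0 }
    '
}

if [ $# -gt 0 ]; then
    tar -tvf "$1" | audit_tar_listing
fi
```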