Date: Thu, 23 Oct 2014 05:18:45 +1100 From: Peter Jeremy <peter@rulingia.com> To: freebsd-stable@freebsd.org Subject: Re: 10.1-RC1 tar(1) spurious directory traversal permission error Message-ID: <20141022181845.GB79285@server.rulingia.com> In-Reply-To: <20141020103617.GE1120@rwpc15.gfn.riverwillow.net.au> References: <20141020090424.GB1120@rwpc15.gfn.riverwillow.net.au> <op.xn0uy3dxkndu52@ronaldradial.radialsg.local> <20141020101306.GD1120@rwpc15.gfn.riverwillow.net.au> <20141020103617.GE1120@rwpc15.gfn.riverwillow.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--BOKacYhQ+x31HxR3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2014-Oct-20 21:36:17 +1100, John Marshall <john.marshall@riverwillow.com= =2Eau> wrote: >On Mon, 20 Oct 2014, 21:13 +1100, John Marshall wrote: >> On Mon, 20 Oct 2014, 11:22 +0200, Ronald Klop wrote: >> > Maybe the output of 'truss -o /tmp/truss.txt tar -czf dtt.tgz -C =20 >> > /data/tftp/thlan .' gives interesting information about what is exactl= y =20 >> > giving the permission denied. > >> $ truss -o /tmp/truss.txt tar -czf dtt.tgz -C /data/tftp/thlan . >> tar: .: Unable to continue traversing directory tree: Permission denied >> tar: Error exit delayed from previous errors. >> truss: can not get etype: No such process >> $=20 The directory traversal code in tar(1) in 10.x has changed to use openat(2) instead of chdir(2). Unfortunately, it appears there's an off-by-one error when popping back up the directory tree at the end and it winds up doing an openat(fd, "..", ...) at a point where fd references the directory specified in the '-C' option to tar. If that directory (the parent of the one passed to -C) is unreadable then it reports an error. To reproduce: server% cd /tmp server% chmod 755 t1 server% rm -r t1 server% mkdir -p t1/t2/{a,b} server% touch t1/t2/{a,b}/{f1,f2} server% tar -cvf /dev/null -C /tmp/t1/t2 . a . a ./b a ./a a ./a/f1 a ./a/f2 a ./b/f1 a ./b/f2 server% chmod 111 t1 =20 server% tar -cvf /dev/null -C /tmp/t1/t2 . a . a ./b a ./a a ./a/f1 a ./a/f2 a ./b/f1 a ./b/f2 tar: .: Unable to continue traversing directory tree: Permission denied tar: Error exit delayed from previous errors. server%=20 --=20 Peter Jeremy --BOKacYhQ+x31HxR3 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJUR/UFXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFRUIyOTg2QzMwNjcxRTc0RTY1QzIyN0Ux NkE1OTdBMEU0QTIwQjM0AAoJEBall6Dkogs0BB8P/i0c5N522U3LIG2u7ZFhrdOw uKEduPvhpvq51ODWEkE1+jcsdGg5R7mt2efPRyW3SWZmFqojvy+fHiJJ94MXafJU ayjF0JQU1qJB+/7qgYduTo1mjrZ/dLRsT++O5gEqPN7rljzqbBwsuF1UBlU5kvW/ ShgXrJLiAcbR17EPCyZ0y2fYkTFqUMYyApeUTVhu9ZLOHYrQNk4hZqARB5fZ1uZ/ V3lZQaFDxju+sAkva5DjNCOUOu7p6sexNSX9KMuCI8jCQHmxUS5iDWDyl1Z6oo5a 8iKQU8s5NXKxPwuhKubRfcSPuiR0x41E7XdefwQCUNjM3P4WZpsKWa/pfNyZNvAP 8m++fAuORwTT0cvlbbLXYKAWFJhpvLx4m1tndd7gqSzWoZIvqH/MWEz54t0yog/C XYa1+/8HQ7crRc2HlEUh4ZN57DkoTj+07YPYbRAW2JqhqQTWuQhDHv5DqSLyk5iC pHHPuxZ9d0it6lIgrOHON9DyyyDJXg9TDJ5R1Kmy0edl68ty8BfY25OVc+MM4Sct 8x6VhYW7UeRNzVKjcAePQyuR7bMEJqQ1qeeUSExE4xX7queHk6FzH6rj4UpRFTY/ nTVL4fcHXiWC5UVzyo7akW62/44VRSUpdSTo9xDk2izRziTzy6+0qZvdRazZDsxQ hllt4WgivXxCsvaqfUD5 =zXc8 -----END PGP SIGNATURE----- --BOKacYhQ+x31HxR3--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141022181845.GB79285>