Date: Thu, 23 Oct 2014 05:18:45 +1100 From: Peter Jeremy <peter@rulingia.com> To: freebsd-stable@freebsd.org Subject: Re: 10.1-RC1 tar(1) spurious directory traversal permission error Message-ID: <20141022181845.GB79285@server.rulingia.com> In-Reply-To: <20141020103617.GE1120@rwpc15.gfn.riverwillow.net.au> References: <20141020090424.GB1120@rwpc15.gfn.riverwillow.net.au> <op.xn0uy3dxkndu52@ronaldradial.radialsg.local> <20141020101306.GD1120@rwpc15.gfn.riverwillow.net.au> <20141020103617.GE1120@rwpc15.gfn.riverwillow.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--BOKacYhQ+x31HxR3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On 2014-Oct-20 21:36:17 +1100, John Marshall <john.marshall@riverwillow.com=
=2Eau> wrote:
>On Mon, 20 Oct 2014, 21:13 +1100, John Marshall wrote:
>> On Mon, 20 Oct 2014, 11:22 +0200, Ronald Klop wrote:
>> > Maybe the output of 'truss -o /tmp/truss.txt tar -czf dtt.tgz -C =20
>> > /data/tftp/thlan .' gives interesting information about what is exactl=
y =20
>> > giving the permission denied.
>
>> $ truss -o /tmp/truss.txt tar -czf dtt.tgz -C /data/tftp/thlan .
>> tar: .: Unable to continue traversing directory tree: Permission denied
>> tar: Error exit delayed from previous errors.
>> truss: can not get etype: No such process
>> $=20
The directory traversal code in tar(1) in 10.x has changed to use openat(2)
instead of chdir(2). Unfortunately, it appears there's an off-by-one error
when popping back up the directory tree at the end and it winds up doing an
openat(fd, "..", ...)
at a point where fd references the directory specified in the '-C' option to
tar. If that directory (the parent of the one passed to -C) is unreadable
then it reports an error. To reproduce:
server% cd /tmp
server% chmod 755 t1
server% rm -r t1
server% mkdir -p t1/t2/{a,b}
server% touch t1/t2/{a,b}/{f1,f2}
server% tar -cvf /dev/null -C /tmp/t1/t2 .
a .
a ./b
a ./a
a ./a/f1
a ./a/f2
a ./b/f1
a ./b/f2
server% chmod 111 t1 =20
server% tar -cvf /dev/null -C /tmp/t1/t2 .
a .
a ./b
a ./a
a ./a/f1
a ./a/f2
a ./b/f1
a ./b/f2
tar: .: Unable to continue traversing directory tree: Permission denied
tar: Error exit delayed from previous errors.
server%=20
--=20
Peter Jeremy
--BOKacYhQ+x31HxR3
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQJ8BAEBCgBmBQJUR/UFXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFRUIyOTg2QzMwNjcxRTc0RTY1QzIyN0Ux
NkE1OTdBMEU0QTIwQjM0AAoJEBall6Dkogs0BB8P/i0c5N522U3LIG2u7ZFhrdOw
uKEduPvhpvq51ODWEkE1+jcsdGg5R7mt2efPRyW3SWZmFqojvy+fHiJJ94MXafJU
ayjF0JQU1qJB+/7qgYduTo1mjrZ/dLRsT++O5gEqPN7rljzqbBwsuF1UBlU5kvW/
ShgXrJLiAcbR17EPCyZ0y2fYkTFqUMYyApeUTVhu9ZLOHYrQNk4hZqARB5fZ1uZ/
V3lZQaFDxju+sAkva5DjNCOUOu7p6sexNSX9KMuCI8jCQHmxUS5iDWDyl1Z6oo5a
8iKQU8s5NXKxPwuhKubRfcSPuiR0x41E7XdefwQCUNjM3P4WZpsKWa/pfNyZNvAP
8m++fAuORwTT0cvlbbLXYKAWFJhpvLx4m1tndd7gqSzWoZIvqH/MWEz54t0yog/C
XYa1+/8HQ7crRc2HlEUh4ZN57DkoTj+07YPYbRAW2JqhqQTWuQhDHv5DqSLyk5iC
pHHPuxZ9d0it6lIgrOHON9DyyyDJXg9TDJ5R1Kmy0edl68ty8BfY25OVc+MM4Sct
8x6VhYW7UeRNzVKjcAePQyuR7bMEJqQ1qeeUSExE4xX7queHk6FzH6rj4UpRFTY/
nTVL4fcHXiWC5UVzyo7akW62/44VRSUpdSTo9xDk2izRziTzy6+0qZvdRazZDsxQ
hllt4WgivXxCsvaqfUD5
=zXc8
-----END PGP SIGNATURE-----
--BOKacYhQ+x31HxR3--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141022181845.GB79285>