Re: Tar problem

From: Tim Kientzle <kientzle_at_freebsd.org>
Date: Fri, 21 May 2004 12:10:39 -0700

Pete Carah wrote:
> When I unpack the ports collection, the symlink 
> has been overwritten with the real directory

This is deliberate; bsdtar does essentially the
same thing.

With bsdtar, -P will prevent this behavior.
(In bsdtar, -P means "leave my (P)athnames alone, damnit!" ;-)

I don't know if there's any way to prevent this
behavior with gtar.

If you have a recent -CURRENT system, read the
"SECURITY" section of bsdtar.1 to understand
why the default is what it is.  It's a matter of POLA,
not POSIX, coupled with a growing awareness that
there are malicious people out there trying to trick
people into doing unpleasant things.

I'm not sure about gtar, but bsdtar does the
symlink check always starting from the
current directory, so you could chdir to
the other disk, extract, then possibly adjust
things afterwards.

Tim Kientzle

P.S.  Here's the "SECURITY" section from bsdtar.1,
for those who haven't been tracking -CURRENT recently:

SECURITY

Certain security issues are common to many archiving programs,
including bsdtar.  In particular, carefully-crafted archives can
request bsdtar to extract files to locations outside of the target
directory.  This can potentially be used to cause unwitting users to
overwrite files they did not intend to overwrite.  If the archive is
being extracted by the superuser, any file on the system can
potentially be overwritten.  There are three ways this can happen.
Although bsdtar has mechanisms to protect against each one, savvy
users should be aware of the implications:

o  Archive entries can have absolute pathnames.  By default, bsdtar
    removes the leading / character from filenames before restoring
    them to guard against this problem.

o  Archive entries can have pathnames that include .. components.
    By default, bsdtar will not extract files containing ..
    components in their pathname.

o  Archive entries can exploit symbolic links to restore files to
    other directories.  An archive can restore a symbolic link to
    another directory, then use that link to restore a file into
    that directory.  To guard against this, bsdtar checks each
    extracted path for symlinks.  If the final path element is a
    symlink, it will be removed and replaced with the archive
    entry.  If -U is specified, any intermediate symlink will
    also be unconditionally removed.  If neither -U nor -P is
    specified, bsdtar will refuse to extract the entry.

To protect yourself, you should be wary of any archives that come from
untrusted sources.  You should examine the contents of an archive with
    bsdtar -tf filename
before extraction.  You should use the -k option to ensure that bsdtar
will not overwrite any existing files or the -U option to remove any
pre-existing files.  You should generally not extract archives while
running with super-user privileges.  Note that the -P option to bsdtar
disables the security checks above and allows you to extract an archive
while preserving any absolute pathnames, .. components, or symlinks to
other directories.
Received on Fri May 21 2004 - 10:11:33 UTC
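
The pre-extraction review the SECURITY section recommends can be scripted. The following is an added example, not part of the original message or of bsdtar: it lists an archive with Python's tarfile module and flags the three cases the man page names. The function names and the sample archive are constructed for illustration, and the symlink check only sees links the archive itself creates, not symlinks already on disk.

```python
import io
import tarfile

def audit_tar(fileobj):
    """Return (member name, reason) pairs for the three cases in bsdtar.1."""
    findings = []
    links = set()  # paths that earlier entries in this archive created as symlinks
    with tarfile.open(fileobj=fileobj, mode="r:*") as tf:
        for m in tf:
            parts = [p for p in m.name.split("/") if p not in ("", ".")]
            if m.name.startswith("/"):
                findings.append((m.name, "absolute pathname"))
            if ".." in parts:
                findings.append((m.name, ".. component"))
            # Is any intermediate directory of this path a symlink from the archive?
            for i in range(1, len(parts)):
                prefix = "/".join(parts[:i])
                if prefix in links:
                    findings.append((m.name, "extracts through symlink " + prefix))
                    break
            if m.issym():
                links.add("/".join(parts))
    return findings

def build_sample():
    """Constructed archive: one benign entry plus one entry per case."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add(name, data=b"x", link=None):
            ti = tarfile.TarInfo(name)
            if link is not None:
                ti.type, ti.linkname = tarfile.SYMTYPE, link
                tf.addfile(ti)
            else:
                ti.size = len(data)
                tf.addfile(ti, io.BytesIO(data))
        add("ports/README")
        add("/tmp/abs.txt")
        add("ports/../../up.txt")
        add("ports/distfiles", link="/mnt/other")
        add("ports/distfiles/file.tgz")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for name, reason in audit_tar(build_sample()):
        print(f"{name}: {reason}")
```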