Full Disclosure mailing list archives
Re: GNU tar directory traversal
From: Teemu Salmela <teemu.salmela () iki fi>
Date: Wed, 22 Nov 2006 11:30:01 +0200
Jeb Osama wrote:
> LOLOLOLOLOLOLOLOLOL That's pretty much the purpose of symlinks.. What's your point in posting this fact in FD?
I tried to say that you shouldn't extract tar archives that come from someone you don't trust. If you extract an untrusted tar archive (for example, download it from the web, or receive it as an e-mail attachment) as root it's as bad as running an untrusted program as root because the tar archive could replace any file (/bin/ls, /bin/bash, the kernel, etc.) in the system. Even the coders of tar would realize this is a security risk. I know this because, in the tar code, they really try to make it impossible to extract files outside the "extraction directory".

--
fscanf(socket,"%s",buf);
printf(buf);
sprintf(query, "SELECT %s FROM table", buf);
sprintf(cmd, "echo %s | sqlquery", query);
system(cmd);

Teemu Salmela

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
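An added example, not from the original post or from GNU tar: a Python pre-extraction audit that flags the kinds of member Teemu describes, a path that leaves the extraction directory, a symlink pointing outside it, and a file written through such a link. The sample archive and the destination path `/tmp/extract` are constructed for the demonstration.

```python
import io
import os
import tarfile


def build_sample():
    # Constructed archive: one benign member and three that escape the tree.
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data, link in [("ok/readme.txt", b"harmless\n", None),
                                 ("../escape.txt", b"parent dir\n", None),
                                 ("etc", b"", "/etc"),  # symlink to an absolute path
                                 ("etc/passwd", b"root::0:0::/:/bin/sh\n", None)]:  # via the link
            info = tarfile.TarInfo(name)
            if link:
                info.type, info.linkname = tarfile.SYMTYPE, link
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def unsafe_members(archive_bytes, dest="/tmp/extract"):
    """Return [(member, reason)] for each member that would land outside dest."""
    # Symlinks seen earlier are remembered so a later path through one is caught too.
    dest = os.path.realpath(dest)
    links, bad = {}, []

    def inside(path):
        return path == dest or path.startswith(dest + os.sep)

    def resolve(name):
        # Walk the member path one component at a time, following known links.
        path = dest
        for part in name.split("/"):
            if part not in ("", "."):
                path = os.path.normpath(os.path.join(path, part))
                path = links.get(path, path)
        return path

    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as tar:
        for m in tar:
            full = resolve(m.name)
            if not inside(full):
                bad.append((m.name, "path escapes extraction directory"))
            elif m.issym():
                target = m.linkname if os.path.isabs(m.linkname) else \
                    os.path.join(os.path.dirname(full), m.linkname)
                links[full] = os.path.normpath(target)
                if not inside(links[full]):
                    bad.append((m.name, "symlink target outside extraction directory"))
    return bad
```

Hard links are not examined here; since Python 3.12 the tarfile module's extraction filters (`filter="data"`) apply comparable rules at extraction time.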
Current thread:
- GNU tar directory traversal Teemu Salmela (Nov 21)
- <Possible follow-ups>
- Re: GNU tar directory traversal Jeb Osama (Nov 21)
- Re: GNU tar directory traversal Gouki (Nov 21)
- Re: GNU tar directory traversal Teemu Salmela (Nov 22)
- Re: GNU tar directory traversal Siim Põder (Nov 22)
- Re: GNU tar directory traversal Teemu Salmela (Nov 22)
- Re: GNU tar directory traversal virus (Nov 22)
- Re: GNU tar directory traversal Siim Põder (Nov 22)
- Re: GNU tar directory traversal virus (Nov 22)
- Re: GNU tar directory traversal Siim Põder (Nov 22)
- Re: GNU tar directory traversal virus (Nov 23)
- Re: GNU tar directory traversal virus (Nov 23)