[Ilugc] TAR security

• From: knura@xxxxxxxxx (Arun Khan)
• Date: Thu Jul 3 22:04:09 2008

On Thursday 03 Jul 2008, Masatran, R. Deepak wrote:

I am worried about extracting TAR files...(1) What if it contains
files with absolute paths? 

Use -C option to stage the files in some other dir.

(2) What if it contains files with ".." in 
the path? 

A system back up (e.g. tar on /) will contain  such files esp. in /etc.  
What is your concern?

(3) What if it violates the Unix convention of extracting 
the contents in a sub-directory?

Then you have a compromised version of tar.  This could happen with any 
command e.g. a compromised rm could wipe out your system (presuming 
that you are doing this with root privilege)

-- 
Arun Khan

• Follow-Ups:
  • [Ilugc] TAR security
    • From: Masatran, R. Deepak

• References:
  • [Ilugc] TAR security
    • From: Masatran, R. Deepak

Other related posts:

• » [Ilugc] TAR security- Masatran, R. Deepak
• » [Ilugc] TAR security - Arun Khan
• » [Ilugc] TAR security- Kapil Hari Paranjape
• » [Ilugc] TAR security- Masatran, R. Deepak
• » [Ilugc] TAR security- Kapil Hari Paranjape

1. Home
2. ilugc
3. Archive
4. 07-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---