10.1-RC1 tar(1) spurious directory traversal permission error
John Marshall
john.marshall at riverwillow.com.au
Wed Oct 22 23:39:42 UTC 2014
On Thu, 23 Oct 2014, 05:18 +1100, Peter Jeremy wrote:
> The directory traversal code in tar(1) in 10.x has changed to use openat(2)
> instead of chdir(2). Unfortunately, it appears there's an off-by-one error
> when popping back up the directory tree at the end and it winds up doing an
> openat(fd, "..", ...)
> at a point where fd references the directory specified in the '-C' option to
> tar. If that directory (the parent of the one passed to -C) is unreadable
> then it reports an error. To reproduce:
Thanks, Peter, for the independent confirmation.
The scenario of traversal-only access to the parent directory is common
in a situation where the directory contains per-user subdirectories, and
each user has no business knowing about any subdirectory but his own.
The archive generated is fine, the user has full permission to the
directory being archived, but tar(1) exits with an error status.
I regard this regression as a bug. I have updated Bug 194477.
--
John Marshall
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20141023/2e1a116c/attachment.sig>
More information about the freebsd-stable
mailing list