
[Bug-tar] rmt filename support make tar vulnerable?


From: Bdale Garbee
Subject: [Bug-tar] rmt filename support make tar vulnerable?
Date: Mon, 04 Feb 2019 09:22:04 -0700

Back in January of 2005, Joey Hess pointed out in a bug report against
Debian's package of tar that's actually an enhancement request, and as I
clean up my open bug list in preparation for the next Debian release I
realized we never passed it along.

The concern expressed is that tar is vulnerable to potential phishing
attacks because the rmt support doesn't require a slash after the colon,
and thus what's intended to be used for a path name could in theory be
used to enable a network exploit.  More details in the bug log at:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=290435

I have to admit that I can't remember the last time I actually used the
rmt support... today it seems so much more obvious to pipe things over
an ssh connection, etc?

Any thoughts on whether to take any action on this now, and if so, what,
would be appreciated.

Regards,

Bdale
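
The ambiguity raised in the message, as an added example that is not part of the original post or of tar itself: a shell check that flags archive names which would be read as HOST:PATH and rewrites them so they stay local. It assumes the rule that a name counts as remote when it contains a colon that is not its first character and has no slash before it; the function names and sample file names are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an archive name as remote or local under the
# assumed rule, then produce a form that can only be read as a local path.

# Returns 0 if NAME would be read as HOST:PATH (remote), 1 if local.
# Assumed rule: a colon that is not the first character, with no '/' before it.
looks_remote() {
    name=$1
    case $name in
        *:*) ;;            # has a colon, keep checking
        *) return 1 ;;     # no colon: always local
    esac
    prefix=${name%%:*}     # text before the first colon
    [ -n "$prefix" ] || return 1   # leading colon: local
    case $prefix in
        */*) return 1 ;;   # slash before the colon: local path
    esac
    return 0
}

# Print a form of NAME that cannot be mistaken for HOST:PATH.
# Prefixing "./" puts a slash before any colon; absolute paths already have one.
safe_archive_name() {
    if looks_remote "$1"; then
        printf './%s\n' "$1"
    else
        printf '%s\n' "$1"
    fi
}

# Constructed sample names, including ones with no slash after the colon.
for f in backup.tar example.org:backup.tar ./example.org:backup.tar \
         /tmp/a:b.tar :odd.tar 'user@host:/dev/nst0'; do
    if looks_remote "$f"; then kind=remote; else kind=local; fi
    printf '%-28s %-6s -> %s\n' "$f" "$kind" "$(safe_archive_name "$f")"
done
```

In scripts that pass untrusted file names to GNU tar's `-f`, the `--force-local` option gives the same guarantee without rewriting the name.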
