Re: [Bug-tar] Unexpected symlink attack due to change in link following

bug-tar

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-tar] Unexpected symlink attack due to change in link following

From:	Sergey Poznyakoff
Subject:	Re: [Bug-tar] Unexpected symlink attack due to change in link following behaviour
Date:	Mon, 12 Sep 2005 13:28:32 +0300

Clarence Dang <address@hidden> wrote:

> I just discovered that tar 1.14 enabled the opposite of "--no-overwrite-dir" 
> by default.  This is an unexpected and subtle change in behavior.

The change in question was mage on 2001-09-24 in order to make the
default GNU tar behavior compatible with that of another existing tar
implementations.

It was discussed on the list and is explicitely documented in NEWS file.

Regards,
Sergey

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-tar] Unexpected symlink attack due to change in link following behaviour, Clarence Dang, 2005/09/12
- Re: [Bug-tar] Unexpected symlink attack due to change in link following behaviour, Sergey Poznyakoff <=
  - Re: [Bug-tar] Unexpected symlink attack due to change in link following behaviour, Clarence Dang, 2005/09/12
    - Re: [Bug-tar] Unexpected symlink attack due to change in link following behaviour, Sergey Poznyakoff, 2005/09/12
    - Re: [Bug-tar] Unexpected symlink attack due to change in link following behaviour, Joerg Schilling, 2005/09/12
    - Re: [Bug-tar] Unexpected symlink attack due to change in link following behaviour, Paul Eggert, 2005/09/12

Prev by Date: Re: [Bug-tar] BUG in version 1.13.25
Next by Date: Re: [Bug-tar] BUG in version 1.13.25
Previous by thread: [Bug-tar] Unexpected symlink attack due to change in link following behaviour
Next by thread: Re: [Bug-tar] Unexpected symlink attack due to change in link following behaviour
Index(es):
- Date
- Thread