Re: [Bug-tar] rmt filename support make tar vulnerable?
From: Joerg Schilling
Subject: Re: [Bug-tar] rmt filename support make tar vulnerable?
Date: Tue, 5 Feb 2019 11:37:27 +0100
User-agent: Heirloom mailx 12.5 7/5/10

Sergey Poznyakoff <address@hidden> wrote:
> > Back in January of 2005, Joey Hess pointed out in a bug report against
> > Debian's package of tar that's actually an enhancement request, and as I
>
> Thanks. However, this report is based on a premise that doesn't seem
> valid to me:
>
> "Anything with a colon will do, though a real rmt volume
> probably has a path after the colon."
>
> I don't see any reason why the remote archive name must contain an
> absolute file name in it (which, apparently, "path" in the above
> fragment implies). It can quite reasonably refer to a relative one as
> well.

More important issues with gtar & rmt are:

- The GNU RMT server allows arbitrary names and thus permits using it
as a file transfer protocol for any readable file. The rmt server from
star has had configurable safety filters since 2001.
- Linux ignores RMTIO command value rules that have existed since 1980 and
since "grmtd" and gtar do not implement the RMT protocol version 1,
it is possible to erase a remote tape if you just intend to rewind it
and the OS on the local and remote side are not identical.

It would be nice if gtar could implement modern enhancements...

Jörg
--
EMail:address@hidden (home) Jörg Schilling D-13353 Berlin
address@hidden (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.org/private/ http://sf.net/projects/schilytools/files/
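
The first point in the message above concerns the rmt server side, where the client names the file to open. A sketch of a name filter applied to the open request before any open() call, as an added example that is not code from star, GNU tar or this thread; the allow-list, the function names and the `O<device>\n<mode>\n` request handling are assumptions based on the classic rmt(8) protocol.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical allow-list of directory prefixes (constructed for this example). */
static const char *const allowed[] = { "/dev/rmt/", "/backup/archives/" };

/* 1 if path is absolute, has no "", "." or ".." component and lies below an
 * allowed prefix. Lexical only: a real server must also resolve symlinks. */
int rmt_path_allowed(const char *path)
{
    if (path[0] != '/')
        return 0;
    for (const char *p = path; *p != '\0'; ) {
        const char *seg = p + 1;                 /* p points at a '/' */
        size_t len = strcspn(seg, "/");
        if ((len == 0 && seg[0] == '/') ||
            (len == 1 && seg[0] == '.') ||
            (len == 2 && seg[0] == '.' && seg[1] == '.'))
            return 0;
        p = seg + len;
    }
    for (size_t i = 0; i < sizeof allowed / sizeof allowed[0]; i++) {
        size_t n = strlen(allowed[i]);
        if (strncmp(path, allowed[i], n) == 0 && path[n] != '\0')
            return 1;
    }
    return 0;
}

/* Vet an open request "O<device>\n<mode>\n". Returns 0 if the server may go
 * on to open(); else -1 with an "E<errno>\n<message>\n" reply in buf. */
int rmt_check_open(const char *req, char *buf, size_t buflen)
{
    char dev[256];
    const char *nl = strchr(req, '\n');
    size_t len = nl ? (size_t)(nl - req) : 0;    /* counts the leading 'O' */
    int err = EACCES;

    if (req[0] != 'O' || len == 0 || len > sizeof dev) {
        err = EINVAL;
    } else {
        memcpy(dev, req + 1, len - 1);
        dev[len - 1] = '\0';
        if (rmt_path_allowed(dev))
            return 0;
    }
    snprintf(buf, buflen, "E%d\n%s\n", err, strerror(err));
    return -1;
}
```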