Re: tar extraction fails on a CIFS file system, due to a symlink

bug-tar

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tar extraction fails on a CIFS file system, due to a symlink

From:	Paul Eggert
Subject:	Re: tar extraction fails on a CIFS file system, due to a symlink
Date:	Fri, 27 Dec 2024 11:54:47 -0800
User-agent:	Mozilla Thunderbird

On 12/21/24 07:18, Bruno Haible via Bug reports for GNU Tar wrote:

Possible suggestion: Report it as a bug to the Linux kernel people?

That sounds best. If the CIFS kernel module can't support settingsymlink timestamps on , it should fail with ENOTSUP rather than followthe symlink.

Symlinks seem to be a sore spot with Samba and there's been some recentsymlink activity in linux/fs/smb/client (e.g., [1]) and I imagine on theserver side as well, so the problem may be specific to a specific Linuxkernel or CIFS server version or their combination.

Alternate suggestion: Delay utimensat() calls until the end of the 'tar' run?
   (Then 'tar' would have set wrong time stamps but exited with code 0.)

I don't see how that would help. If utimensat ignoresAT_SYMLINK_NOFOLLOW, an attacker can craft a tarball that can settimestamps on any file the victim has access to. This would be true evenif tar delayed utimensat calls.

Presumably other apps are also affected by this bug, and I imagine theycan't easily work around it either.

[1]:https://github.com/torvalds/linux/commit/6a832bc8bbb22350f7ffe6ecb2d36f261bb96023

[Prev in Thread]

Current Thread

[Next in Thread]

tar extraction fails on a CIFS file system, due to a symlink, Bruno Haible, 2024/12/21
- Re: tar extraction fails on a CIFS file system, due to a symlink, Paul Eggert <=

Prev by Date: Re: username and groupname prone to overflowing
Next by Date: Re: [GNU tar 1.35] testsuite: 129 failed
Previous by thread: tar extraction fails on a CIFS file system, due to a symlink
Next by thread: new_argc is prone to integer overflow
Index(es):
- Date
- Thread