[Python-Dev] tarfile and directory traversal vulnerability
Jan Matejek
jmatejek at suse.cz
Mon Aug 27 19:40:36 CEST 2007
Lars Gustäbel wrote:
> Suppose we have:
> foo -> /etc
> foo/passwd
>
> If creation of the foo symlink is delayed, foo/passwd will be
> extracted in a directory foo which will be created implicitly.
> If we create the foo symlink afterwards it will fail because foo
> already exists. The best way would be to completely ignore
> members and link targets that are absolute or outside the
> archive's scope.
GNU tar doesn't descend into symlinked directories when extracting, so such
an archive fails anyway:
# tar xvf foo.tar
foo
foo/passwd
tar: foo/passwd: Cannot open: Not a directory
tar: Error exit delayed from previous errors
I think that is the simplest solution, but I'm not sure how to best
implement that in extractall().
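The following is an added example, not code from this thread and not CPython's own tarfile implementation. It reconstructs the archive Lars describes (a symlink member `foo -> /etc` followed by a regular member `foo/passwd`) in memory, and shows one way to give extraction the behaviour Jan observes in GNU tar: a member is refused if its name is absolute or contains `..`, if its link target would resolve outside the destination, or if its parent directory, once symlinks are followed, is no longer inside the destination. The helper names (`build_archive`, `safe_extract`, `demo`), the sample `passwd` bytes and the "destination already contains a symlink pointing outside" scenario are all constructed for illustration.

```python
import io
import os
import tarfile
import tempfile

# Constructed sample data; this is not a real passwd file.
PASSWD_DATA = b"root:x:0:0::/root:/bin/sh\n"


def build_archive(with_symlink: bool = True) -> bytes:
    """Build, in memory, the archive from the thread: a symlink member
    'foo' -> '/etc' followed by a regular file 'foo/passwd'.  With
    with_symlink=False only the 'foo/passwd' member is written."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        if with_symlink:
            link = tarfile.TarInfo("foo")
            link.type = tarfile.SYMTYPE
            link.linkname = "/etc"
            tar.addfile(link)
        member = tarfile.TarInfo("foo/passwd")
        member.type = tarfile.REGTYPE
        member.size = len(PASSWD_DATA)
        tar.addfile(member, io.BytesIO(PASSWD_DATA))
    return buf.getvalue()


def safe_extract(archive: bytes, dest: str) -> list:
    """Extract members in archive order, skipping any whose name, parent
    directory or link target resolves outside `dest`.  Returns a list of
    (member name, decision) so the caller can see what was refused."""
    dest_real = os.path.realpath(dest)
    decisions = []

    def inside(path: str) -> bool:
        # realpath() follows symlinks, including ones created by earlier
        # members or ones already present in the destination.
        real = os.path.realpath(path)
        return real == dest_real or real.startswith(dest_real + os.sep)

    # Belt and braces: on interpreters that ship PEP 706 extraction
    # filters, also apply the 'data' filter to whatever we do extract.
    extract_kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}

    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        for m in tar:
            if os.path.isabs(m.name) or ".." in m.name.split("/"):
                decisions.append((m.name, "rejected: unsafe member name"))
                continue
            target = os.path.join(dest, m.name)
            # The GNU tar behaviour from the thread: do not descend into a
            # "directory" that is really a symlink pointing elsewhere.
            if not inside(os.path.dirname(target)):
                decisions.append((m.name, "rejected: parent resolves outside destination"))
                continue
            if m.issym() or m.islnk():
                # Symlink targets are relative to the link's directory,
                # hard link targets are archive-relative.
                base = os.path.dirname(target) if m.issym() else dest
                link_target = os.path.join(base, m.linkname)
                if os.path.isabs(m.linkname) or not inside(link_target):
                    decisions.append((m.name, "rejected: link target outside destination"))
                    continue
            tar.extract(m, dest, **extract_kwargs)
            decisions.append((m.name, "extracted"))
    return decisions


def demo() -> dict:
    """Run safe_extract in a scratch directory: once against the thread's
    archive, and once against a destination that already contains a
    symlink 'foo' pointing outside it (a constructed scenario)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "dest")
        os.mkdir(dest)
        results["archive_symlink"] = safe_extract(build_archive(True), dest)
        # 'foo' was refused, so 'foo/passwd' landed in a real directory under dest.
        results["passwd_inside_dest"] = os.path.realpath(
            os.path.join(dest, "foo", "passwd")
        ).startswith(os.path.realpath(dest) + os.sep)

        outside = os.path.join(tmp, "outside")
        dest2 = os.path.join(tmp, "dest2")
        os.mkdir(outside)
        os.mkdir(dest2)
        os.symlink(outside, os.path.join(dest2, "foo"))
        results["preexisting_symlink"] = safe_extract(build_archive(False), dest2)
        results["outside_untouched"] = os.listdir(outside) == []
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The order of the checks matters: the parent-directory check runs on every member, not only on links, because the dangerous write in the thread is the regular file `foo/passwd`, not the symlink itself. Newer CPython releases (3.12, and the backports described in PEP 706) expose this kind of policy directly as `TarFile.extractall(filter="data")`, which refuses absolute symlink targets and members that escape the destination; the hand-written checks above are there to make the mechanism visible.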