| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 5 Aug 2005 16:34:16 -0700 From: Sean Comeau <scomeau@...secwest.com> To: Imran Ghory <imranghory@...il.com> Cc: bugtraq@...urityfocus.com Subject: Re: tar preserves setuid bit On Fri, Aug 05, 2005 at 12:52:50AM +0100, Imran Ghory wrote: > The default behaviour of tar under root is not to change ownership of > the file to root. However owner information is extracted from the tar > file, so a trivialy modified tar file can ensure the owner of the > extracted files is the root user. > > This allows for the creation of arbitary setuid executable owned by > the root user if the root user extracts the files from a malliciously > crafted tar file. > So what? When using tar to make backups this is what you need. The default behavior of GNU tar (and others) not to change the ownership of extracted files to self when running as root is well documented. The only attack I see in your case is when the attacker is a local user who gives root a tar with a setuid root program in it and root untars it in a place where the attacker can run it. While I'm sure such situations exist, I think they are rare, entirely the fault of the admin, and not worth changing the default behavior of tar over.
Powered by blists - more mailing lists