lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050805233416.GG20431@obscurity.org>
Date: Fri, 5 Aug 2005 16:34:16 -0700
From: Sean Comeau <scomeau@...secwest.com>
To: Imran Ghory <imranghory@...il.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: tar preserves setuid bit


On Fri, Aug 05, 2005 at 12:52:50AM +0100, Imran Ghory wrote:
> The default behaviour of tar under root is not to change ownership of
> the file to root. However owner information is extracted from the tar
> file, so a trivialy modified tar file can ensure the owner of the
> extracted files is the root user.
> 
> This allows for the creation of arbitary setuid executable owned by
> the root user if the root user extracts the files from a malliciously
> crafted tar file.
> 

So what? When using tar to make backups this is what you need. 

The default behavior of GNU tar (and others) not to change the ownership 
of extracted files to self when running as root is well documented.

The only attack I see in your case is when the attacker is a local user
who gives root a tar with a setuid root program in it and root untars it 
in a place where the attacker can run it. While I'm sure such situations 
exist, I think they are rare, entirely the fault of the admin, and not 
worth changing the default behavior of tar over. 



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ