[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles)

From: Oystein Viggen
Subject: Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles)
Date: Mon, 18 Mar 2002 11:15:04 +0100
User-agent: Gnus/5.090005 (Oort Gnus v0.05) XEmacs/21.1 (Capitol Reef, i386-debian-linux)

* [Niels Möller] 

> Well, translators run as the owner of the node to which they are
> attached. Don't attach translators you don't trust to your files.

And don't attach translators to files you don't trust.  I don't think
there is anything today that stops me from sending you an ext2 image
with a passive translator that deletes your homedir when you access the
translated node in the image.

>> Suppose a tarfs that honors translator settings in arbitrary
>> archives; then looking at a filesystem presentation of an archive
>> that contains such a malicious server and a node with that server
>> set on it will be pretty unpleasant.
> Hmm. That's slightly than tarfiles containing executables or setuid
> executables. It might make sense to make tar more paranoid by default,
> with some option to make it accept dangerous things.

I can't se that tarfs could be more dangerous than ext2fs already is,
with regard to translators and non-trusted archives.  However, as tar is
likely to be more widely used than ext2 images as a file exchange
format, making tarfs more likely to be used on untrusted files, making
tarfs more paranoid by default would probably be a good idea.

(then again, most people today don't even tar tf before a tar xf, which
I believe leaves them vulnerable to the symlink tricks you mention,
even with GNU tar.)

Ebg13 arire tbrf bhg bs fglyr..

reply via email to

[Prev in Thread] Current Thread [Next in Thread]