Date:      Wed, 8 Oct 2014 19:48:52 -0500
From:      Jason Hellenthal <jhellenthal@dataix.net>
To:        Daniel Braniss <danny@cs.huji.ac.il>
Cc:        "hackers@freebsd.org" <hackers@freebsd.org>, Ian Lepore <ian@FreeBSD.org>
Subject:   Re: tar and /
Message-ID:  <221B7CFC-4AE2-4DAF-9E6E-565715B87172@dataix.net>
In-Reply-To: <EF765340-81BE-4461-8DF4-5CAC4F5DDCD7@cs.huji.ac.il>
References:  <ED20B859-CDFF-4205-B7A9-A1A86AAAE1D9@cs.huji.ac.il> <FD9D0411-6043-4AAD-8EE4-6277EFBB0900@dataix.net> <EF765340-81BE-4461-8DF4-5CAC4F5DDCD7@cs.huji.ac.il>

Damn! I thought we were past this issue long ago using relative paths instead of absolute paths. Wonder what ever happened to that standard of safety. Unless I am mistaking one thing for another.

Symbolic links obviously should not be starting with "/".

Hard links on the other hand should be broken once inside a tar file and no longer referencing a previous inode. So if I understand this correctly this is what you are seeing?

On another note from this ... I was by aware hard links could be created to anything but files ...? So I'm confused here?

-- 
 Jason Hellenthal
 Mobile: +1 (616) 953-0176
 jhellenthal@DataIX.net
 JJH48-ARIN

On Oct 8, 2014, at 01:24, Daniel Braniss <danny@cs.huji.ac.il> wrote:

A fact that I did not mention:
   the tar file is created by ports when requesting ‘package’, it now adds
       /usr/local
making extraction difficult for those that use nfs/amd for /usr/local
(the solution is to extract the files in /var/tmp, and re-tarring without the /usr/local :-)

to my surprise, even though tar complains that it can’t do the link to /
it actually does the link!!
notice that I mentioned ‘link’, not symlink! which of course brings the question why some ports insist
on link, and not symlink is beyond me.

thanks
   danny

> On Oct 7, 2014, at 5:35 PM, Jason Hellenthal <jhellenthal@dataix.net> wrote:
>
> From tar(1)
>
>    o       Archive entries can exploit symbolic links to restore files to other directories.
>            An archive can restore a symbolic link to another directory, then use that link to
>            restore a file into that directory.  To guard against this, tar checks each
>            extracted path for symlinks.  If the final path element is a symlink, it will be
>            removed and replaced with the archive entry.  If -U is specified, any intermediate
>            symlink will also be unconditionally removed.  If neither -U nor -P is specified,
>            tar will refuse to extract the entry.
>
> With that stated you might want to roll through your filesystem with symlinks(1) [sysutils/symlinks]. Use of this to shorten, remove dangling etc..
>
> DESCRIPTION
>      symlinks  is a useful utility for maintainers of FTP sites, CDROMs, and
>      Linux software distributions.  It scans directories for symbolic  links
>      and lists them on stdout, often revealing flaws in the filesystem tree.
>
>      Each link is output with a classification of relative,  absolute,  dan-
>      gling, messy, lengthy, or other_fs.
>
>      relative  links  are those expressed as paths relative to the directory
>      in which the links reside, usually independent of the  mount  point  of
>      the filesystem.
>
>      absolute links are those given as an absolute path from the root direc-
>      tory as indicated by a leading slash (/).
>
>      dangling links are those for which the target of the link does not cur-
>      rently  exist.  This commonly occurs for absolute links when a filesys-
>      tem is mounted at other than its customary mount point  (such  as  when
>      the normal root filesystem is mounted at /mnt after booting from alter-
>      native media).
>
>      messy links are links which contain unnecessary slashes or dots in  the
>      path.  These are cleaned up as well when -c is specified.
>
>      lengthy links are links which use "../" more than necessary in the path
>      (eg.  /bin/vi -> ../bin/vim) These are only detected when -s is  speci-
>      fied, and are only cleaned up when -c is also specified.
>
>      other_fs  are those links whose target currently resides on a different
>      filesystem from where symlinks was run (most useful with -r ).
>
> Hope this helps.
>
>> On Oct 7, 2014, at 1:44, Daniel Braniss <danny@cs.huji.ac.il> wrote:
>>
>> hi,Ian Lepore <ian@FreeBSD.org>
>> for security reasons tar removes the leading /, which is fine.
>> so I can chdir to /var/tmp, and do an extract there. The problem arises when there
>> is a file that is linked to /…
>> Is there some way to drop that leading ‘/’ too?
>>
>> cheers,
>>
>> _______________________________________________
>> freebsd-hackers@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
>
> --
> Jason Hellenthal
> Mobile: +1 (616) 953-0176
> jhellenthal@DataIX.net
> JJH48-ARIN
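
An added example, not part of the original thread and not a description of how tar itself behaves: a Python `tarfile` pass that copies a package archive while dropping the leading `/` from both member names and hard-link targets, which is the result the extract-and-re-tar workaround in the thread aims for. The function names and the sample archive are constructed for illustration.

```python
import io
import tarfile

def relativize(src_bytes):
    """Copy a tar archive, making absolute member names and hard-link targets relative.

    Returns (new_archive_bytes, report). Absolute symlink targets are reported
    but kept, because rewriting them changes what the installed link points to.
    """
    report, out = [], io.BytesIO()
    with tarfile.open(fileobj=io.BytesIO(src_bytes)) as src, \
         tarfile.open(fileobj=out, mode="w", format=tarfile.PAX_FORMAT) as dst:
        for m in src:
            orig_name = m.name
            data = src.extractfile(m) if m.isreg() else None
            # Stale pax records would override the rewritten fields on write.
            m.pax_headers.pop("path", None)
            m.pax_headers.pop("linkpath", None)
            if m.name.startswith("/"):
                report.append(("name", orig_name, None))
                m.name = m.name.lstrip("/") or "."
            if m.islnk() and m.linkname.startswith("/"):
                # Hard-link targets name another member, so they must be
                # rewritten the same way as member names.
                report.append(("hardlink", orig_name, m.linkname))
                m.linkname = m.linkname.lstrip("/")
            elif m.issym() and m.linkname.startswith("/"):
                report.append(("symlink", orig_name, m.linkname))
            dst.addfile(m, data)
    return out.getvalue(), report

def make_sample():
    """Constructed archive: a file, a hard link and a symlink, all with absolute paths."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as t:
        f = tarfile.TarInfo("/usr/local/bin/tool")
        f.size = 5
        t.addfile(f, io.BytesIO(b"data\n"))
        h = tarfile.TarInfo("/usr/local/bin/tool-alias")
        h.type, h.linkname = tarfile.LNKTYPE, "/usr/local/bin/tool"
        t.addfile(h)
        s = tarfile.TarInfo("/usr/local/etc/tool.conf")
        s.type, s.linkname = tarfile.SYMTYPE, "/etc/tool.conf"
        t.addfile(s)
    return buf.getvalue()
```

The report lists every entry that carried an absolute path, so the symlinks that were left untouched can be reviewed by hand before the rewritten archive is extracted.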



