On Fri, Apr 15, 2005 at 12:54:51PM +0900, Mark Sargent wrote:
> yes, of course, but, it's handy to have the option. Example, when
> downloading/installing phpmyadmin, I had to cp the tar.gz to
> /var/www/html, cd into the html dir, extract, then rm the tar.gz. Much
> faster to just tar with the options --directory= and --no-same-name and
> then it's just a matter of cd'ing into the new directory..cheers.

But much more dangerous. See this, for example:

<http://rhn.redhat.com/errata/RHSA-2002-096.html>

  A directory traversal vulnerability in unzip version 5.42 and earlier,
  as well as GNU tar 1.13.19 and earlier, allows attackers to overwrite
  arbitrary files during archive extraction via a ".." (dot dot) in an
  extracted filename. The Common Vulnerabilities and Exposures project
  (cve.mitre.org) has assigned the name CAN-2001-1267 and CAN-2001-1268
  to this issue.

That was several years ago, but there could be other such problems. You're
untarring in /var/www/html, and oops, the archive contains
../../../etc/passwd....

-- 
Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>