On 2010/06/17 13:53, Peter Jeremy wrote:
> On 2010-Jun-15 17:22:50 -0700, Xin LI <delp...@delphij.net> wrote:
>> On 2010/06/15 17:05, Sean Bruno wrote:
>>> A little more background.  It looks like symlinks are getting stripped
>>> of their '/' which sucks.  Ideas?
> ...
>>> e.g. /home/foo/bar -> /opt/baz/blob
>>>
>>> becomes
>>>
>>> home/foo/bar -> opt/baz/blob   
>>>
>>> Yuck.
>>
>> This is a security measure, I think.
> 
> Can someone please explain how stripping a leading '/' off the
> destination of a symlink enhances security?  The destination is
> not being written to.
> 
>> --absolute-filenames disables this behavior.
> 
> This definitely reduces security and would seem to be far more
> dangerous than being able to create symlinks to absolute pathnames.

Sorry, I have misunderstood the original issue.  It's the link target
being mangled, and that doesn't seem right to me.  I'll ask the author about this.

The attached patch should restore the old behavior.

Cheers,
-- 
Xin LI <delp...@delphij.net>    http://www.delphij.net/
FreeBSD - The Power to Serve!          Live free or die
Index: contrib/cpio/src/copyout.c
===================================================================
--- contrib/cpio/src/copyout.c  (revision 209216)
+++ contrib/cpio/src/copyout.c  (working copy)
@@ -836,9 +836,6 @@ process_copy_out ()
                    continue;
                  }
                link_name[link_size] = 0;
-               cpio_safer_name_suffix (link_name, false,
-                                       abs_paths_flag, true);
-               link_size = strlen (link_name);
                file_hdr.c_filesize = link_size;
                if (archive_format == arf_tar || archive_format == arf_ustar)
                  {
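
Review bot: With the cpio_safer_name_suffix () call after "link_name[link_size] = 0;" gone, the symlink target is written to the archive verbatim whatever abs_paths_flag is set to, and nothing at that spot records that this is intentional. A one-line comment there stating that the link target is stored unmodified would keep the call from being reintroduced later. Dropping "link_size = strlen (link_name);" is fine, since link_size is still the length used to terminate link_name and is what c_filesize receives. This hunk only touches process_copy_out (); it is worth confirming whether the copy-in side applies the same stripping to link targets, which is not visible here.
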
Index: contrib/cpio/src/util.c
===================================================================
--- contrib/cpio/src/util.c     (revision 209216)
+++ contrib/cpio/src/util.c     (working copy)
@@ -1252,8 +1252,25 @@ stat_to_cpio (struct cpio_file_stat *hdr, struct s
   hdr->c_uid = CPIO_UID (st->st_uid);
   hdr->c_gid = CPIO_GID (st->st_gid);
   hdr->c_nlink = st->st_nlink;
-  hdr->c_rdev_maj = major (st->st_rdev);
-  hdr->c_rdev_min = minor (st->st_rdev);
+
+  switch (hdr->c_mode & CP_IFMT)
+  {
+    case CP_IFBLK:
+    case CP_IFCHR:
+#ifdef CP_IFIFO
+    case CP_IFIFO:
+#endif
+#ifdef CP_IFSOCK
+    case CP_IFSOCK:
+#endif
+      hdr->c_rdev_maj = major (st->st_rdev);
+      hdr->c_rdev_min = minor (st->st_rdev);
+      break;
+    default:
+      hdr->c_rdev_maj = 0;
+      hdr->c_rdev_min = 0;
+      break;
+  }
   hdr->c_mtime = st->st_mtime;
   hdr->c_filesize = st->st_size;
   hdr->c_chksum = 0;
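
Review bot: The new "switch (hdr->c_mode & CP_IFMT)" in stat_to_cpio () reads hdr->c_mode, but the visible context only shows c_uid, c_gid and c_nlink being assigned before it, so please confirm c_mode is already set at this point; otherwise every entry falls into the default case and c_rdev_maj/c_rdev_min are always zeroed. The change is also unrelated to the symlink-target problem the mail describes and is not mentioned there, so it would be better as a separate commit with its own rationale. Finally, st_rdev is only meaningful for block and character special files, so the CP_IFIFO and CP_IFSOCK cases deserve a comment explaining why they keep major/minor rather than getting 0 like the default branch.
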
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"