[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles)
|
From: |
Oystein Viggen |
|
Subject: |
Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles) |
|
Date: |
Mon, 18 Mar 2002 11:15:04 +0100 |
|
User-agent: |
Gnus/5.090005 (Oort Gnus v0.05) XEmacs/21.1 (Capitol Reef, i386-debian-linux) |
* [Niels Möller]
> Well, translators run as the owner of the node to which they are
> attached. Don't attach translators you don't trust to your files.
And don't attach translators to files you don't trust. I don't think
there is anything today that stops me from sending you an ext2 image
with a passive translator that deletes your homedir when you access the
translated node in the image.
>> Suppose a tarfs that honors translator settings in arbitrary
>> archives; then looking at a filesystem presentation of an archive
>> that contains such a malicious server and a node with that server
>> set on it will be pretty unpleasant.
>
> Hmm. That's slightly than tarfiles containing executables or setuid
> executables. It might make sense to make tar more paranoid by default,
> with some option to make it accept dangerous things.
I can't se that tarfs could be more dangerous than ext2fs already is,
with regard to translators and non-trusted archives. However, as tar is
likely to be more widely used than ext2 images as a file exchange
format, making tarfs more likely to be used on untrusted files, making
tarfs more paranoid by default would probably be a good idea.
(then again, most people today don't even tar tf before a tar xf, which
I believe leaves them vulnerable to the symlink tricks you mention,
even with GNU tar.)
Oystein
--
Ebg13 arire tbrf bhg bs fglyr..
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), (continued)
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Thomas Bushnell, BSG, 2002/03/18
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Andreas Voegele, 2002/03/19
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Thomas Bushnell, BSG, 2002/03/19
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Richard Kreuter, 2002/03/19
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Thomas Bushnell, BSG, 2002/03/19
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), kreuter, 2002/03/20
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Thomas Bushnell, BSG, 2002/03/20
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Niels Möller, 2002/03/18
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles),
Oystein Viggen <=
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Jeroen Dekkers, 2002/03/18
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Mark Ellis, 2002/03/23
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Marcus Brinkmann, 2002/03/23
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Carl Wilhelm Soderstrom, 2002/03/24
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Richard Kreuter, 2002/03/24
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Carl Wilhelm Soderstrom, 2002/03/24
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Richard Kreuter, 2002/03/24
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Thomas Bushnell, BSG, 2002/03/24
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Richard Kreuter, 2002/03/24
- Re: Hurd FS hierarchy (was Re: LD_LIBRARY_PATH troubles), Thomas Bushnell, BSG, 2002/03/24