Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.

10-12-2007, 11:45 AM | #1
LQ Newbie
Registered: Sep 2006
Location: Fuerth, Germany
Distribution: FC6
Posts: 3
tar p vulnerability
Hi,
If I create a tarball on my Linux at home, containing an executable with root as owner and the sticky bit set, then I can still log in to a different Linux, where I don't have root permissions, and extract that executable using the p switch. That will preserve the root owner and the sticky bit, so that I gain control over that Linux.
Kind regards
Heiner

10-12-2007, 11:50 AM | #2
Member
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675
Comment Removed By Poster
Last edited by nomb; 10-12-2007 at 12:46 PM.

10-12-2007, 12:11 PM | #3
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
Heiner, the only way for untarred files to have root ownership is if you have root privileges when you untar them. BTW, if you were able to have root-owned files when untarring them as a non-root user, that would be an operating system vulnerability, not a tar one.

10-13-2007, 04:14 AM | #4
Moderator
Registered: May 2001
Posts: 29,415
Warning
Quote:
Originally Posted by Heiner
That will preserve the root owner and the sticky bit, so that I gain control over that Linux.
|
You're obviously new here. Please read the LQ Rules because you border on violating the LQ Rules: "Posts containing information about cracking, piracy, warez, fraud or any topic that could be damaging to either LinuxQuestions.org or any third party will be immediately removed." Feel free to contact me if you don't understand the LQ Rules.

10-13-2007, 08:32 PM | #5
LQ Newbie
Registered: Sep 2006
Location: Fuerth, Germany
Distribution: FC6
Posts: 3
Original Poster
I'm very sorry
Quote:
Originally Posted by unSpawn
You're obviously new here. Please read the LQ Rules because you border on violating the LQ Rules: "Posts containing information about cracking, piracy, warez, fraud or any topic that could be damaging to either LinuxQuestions.org or any third party will be immediately removed." Feel free to contact me if you don't understand the LQ Rules.
|
Hi,
I am aware that the information that I posted can be used to crack a system. I intendedly posted in the security forum. But I want to help make software more secure. Sometimes it is necessary to talk about a vulnerability before someone else uses such a vulnerability when he has found out and not shared his knowledge. I want to give the OS programmers and the tar programmers a chance to think about the security of the p option.
kind regards
Heiner

10-13-2007, 10:35 PM | #6
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
Quote:
Originally Posted by Heiner
I am aware that the information that I posted can be used to crack a system. I intendedly posted in the security forum.
|
Cracking information is not allowed on ANY of the LQ forums.
Quote:
But I want to help make software more secure. Sometimes it is necessary to talk about a vulnerability before someone else uses such a vulnerability when he has found out and not shared his knowledge. I want to give the OS programmers and the tar programmers a chance to think about the security of the p option.
|
If you find a security vulnerability in a program, the ethical first thing to do is to contact the developer in private - not go and post it on a public website. There is actually a de-facto standard order of steps to take in these cases, and it goes something like: 1) Notify developer. 2) Notify users. 3) Notify public. Google for vulnerability disclosure guidelines if you want details.
As a side note, I hope that by now you understand that something is definitely not right in your setup, and the "vulnerability" you are referring to might just mean that something is broken on your box. Or perhaps you haven't even tried to do it yet but you imagine it would work this way. I don't know. All I can tell you is that non-root users will not be able to have files untar with root permissions no matter how many sticky bits were set.
Having said that, I'm closing this thread because even though the vulnerability you speak of seems imaginary to me, the intention behind your post (to share information about what you believe really is a crack) is very real and it is not compatible with the LQ Rules, as has already been mentioned by unSpawn. Don't ever make this type of post again - consider this an official warning.
Last edited by win32sux; 10-13-2007 at 10:40 PM.
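
The point made in replies #3 and #6, that ownership recorded in an archive is only applied when the extracting user is root, can be checked with the script below. It is an added example, not part of the original thread; the in-memory archive, the member name `sample.sh` and the function names are constructed for illustration.

```python
import io, os, stat, tarfile, tempfile

SPECIAL = stat.S_ISUID | stat.S_ISGID | stat.S_ISVTX

def build_sample_archive():
    """Constructed sample: one member whose header records root ownership and mode 4755."""
    buf = io.BytesIO()
    data = b"#!/bin/sh\necho sample\n"
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo("sample.sh")
        info.size = len(data)
        info.uid = info.gid = 0
        info.uname = info.gname = "root"
        info.mode = 0o4755
        tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def audit(archive):
    """Pre-extraction check: members recorded as uid 0 or with setuid/setgid/sticky bits."""
    with tarfile.open(fileobj=io.BytesIO(archive)) as tar:
        return [(m.name, m.uid, oct(m.mode & 0o7777))
                for m in tar if m.uid == 0 or m.mode & SPECIAL]

def extract_and_stat(archive):
    """Extract honouring header modes (comparable to tar -p); return (uid, mode) on disk."""
    with tempfile.TemporaryDirectory() as dest:
        with tarfile.open(fileobj=io.BytesIO(archive)) as tar:
            # Newer Pythons can default to the 'data' filter, which strips these
            # bits; 'fully_trusted' applies the header values as recorded.
            kw = {"filter": "fully_trusted"} if hasattr(tarfile, "fully_trusted_filter") else {}
            # tarfile only attempts chown when the effective uid is 0; the kernel
            # would refuse a chown to another uid for an unprivileged process anyway.
            tar.extractall(dest, **kw)
        st = os.stat(os.path.join(dest, "sample.sh"))
        return st.st_uid, stat.S_IMODE(st.st_mode)

if __name__ == "__main__":
    archive = build_sample_archive()
    print("flagged members:", audit(archive))
    uid, mode = extract_and_stat(archive)
    print("extracting euid:", os.geteuid())
    print("on-disk owner uid:", uid, "mode:", oct(mode))
```

Run as an unprivileged user, the on-disk owner is that user's uid rather than the uid 0 recorded in the header, so any setuid bit on the extracted file applies only to the user's own account.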

All times are GMT -5.