On Wednesday, June 7, 2017 10:07:21 AM CEST Cedric Buissart wrote: > > In other words and IMO, if we were about to fix this issue - we should only > > refuse to extract files through symlinks. > > Through any symlinks, or only those created by the archive itself ?
Remembering the extracted links might be expensive, and with --no-absolute-filenames we want to stay in CWD anyway - no matter how the links in CWD were created. > The latter might look less restrictive, but what happens if a local > attacker is able to create a symlink. Is it something that should be > considered ? Usually user should avoid races manually when running archiver: https://www.gnu.org/software/tar/manual/html_node/Race-conditions.html Pavel
