Richard Kreuter <[EMAIL PROTECTED]> writes: > <Slightly offtopic> There is also the possibility of 'malicious > servers', say, a server that tries to remove the files in the owner's > home directory when it starts up.
Well, translators run as the owner of the node to which they are attached. Don't attach translators you don't trust to your files. > Suppose a tarfs that honors translator settings in arbitrary > archives; then looking at a filesystem presentation of an archive > that contains such a malicious server and a node with that server > set on it will be pretty unpleasant. Hmm. That's slightly than tarfiles containing executables or setuid executables. It might make sense to make tar more paranoid by default, with some option to make it accept dangerous things. But that paranoid tar-behaviour should also do some other checks, like not overwriting arbitrary files (like you can do by having the tarfile include a symlink to /somewhere, and then some contents for somewhere, iirc), and I'd be most happy if it also requires the tar file to create all files into a new subdirectory. But then again, it's common practice to distribute executable code, e.g. configure scripts, Makefile, even C-code ;-), which users are encouraged to run, as tar files. So translators are not the first security problem with extracting malicious tar-files. /Niels _______________________________________________ Help-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/help-hurd
