I get the auto stripping also...

But, you could do this type of evil... 

[root@localhost root]# mkdir /foo.chroot /foo.chroot/lib
[root@localhost root]# ldd /bin/tar
        librt.so.1 => /lib/librt.so.1 (0x40027000)
        libc.so.6 => /lib/libc.so.6 (0x40039000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x40177000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
[root@localhost root]# (cd /lib && cp -p librt.so.1 libc.so.6 libpthre
+ad.so.0 ld-linux.so.2 /foo.chroot/lib)
[root@localhost root]# cp -p /bin/tar /foo.chroot
[root@localhost root]#
[root@localhost root]# cat >/etc/passwd.gotcha
gotcha!
^D
[root@localhost root]# tar cvf gotcha.tar /etc/passwd.gotcha
tar: Removing leading `/' from member names
etc/passwd.gotcha
[root@localhost root]# man tar
...
[root@localhost root]# tar Pcvf gotcha.tar /etc/passwd.gotcha
/etc/passwd.gotcha
[root@localhost root]# tar tvf gotcha.tar
-rw-r--r-- root/root         8 2002-04-02 17:15:50 /etc/passwd.gotcha
[root@localhost root]# rm -f /etc/passwd.gotcha
[root@localhost root]# tar xvf gotcha.tar
/etc/passwd.gotcha
tar: Removing leading `/' from member names
[root@localhost root]# ls ./etc/passwd.gotcha
./etc/passwd.gotcha
[root@localhost root]# rm ./etc/passwd.gotcha
[root@localhost root]# tar Pxvf gotcha.tar
/etc/passwd.gotcha
[root@localhost root]# ls /etc/passwd.gotcha
/etc/passwd.gotcha
[root@localhost root]# rm /etc/passwd.gotcha
[root@localhost root]# # ob. untested perl ;)
[root@localhost root]# perl -e 'print qx(cat gotcha.tar | chroot /foo.
+chroot ./tar Pxvf -)'
/etc/passwd.gotcha
[root@localhost root]# ls /etc/passwd.gotcha
ls: /etc/passwd.gotcha: No such file or directory
[root@localhost root]# ls /foo.chroot/etc/passwd.gotcha
/foo.chroot/etc/passwd.gotcha

[download]

In reply to Re: Security Hole in Archive::Tar ?? by zengargoyle
in thread Security Hole in Archive::Tar ?? by MadPogo

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.