diff options
author | kientzle <kientzle@FreeBSD.org> | 2004-05-02 00:43:02 +0000 |
---|---|---|
committer | kientzle <kientzle@FreeBSD.org> | 2004-05-02 00:43:02 +0000 |
commit | e3af2353c4be4d158a6e21613b28d7e9fad1528c (patch) | |
tree | 8584e804bc3a275fbec35aa20050cb05a5136a74 /usr.bin/xargs | |
parent | d6e4944c5b6b054356fa2039cfebfe12d144c290 (diff) | |
download | FreeBSD-src-e3af2353c4be4d158a6e21613b28d7e9fad1528c.zip FreeBSD-src-e3af2353c4be4d158a6e21613b28d7e9fad1528c.tar.gz |
A security issue: An archive containing a symlink to another
directory, then a file with that symlink as a prefix can drop a file
outside of the current directory, which can be a security hole.
Plug this hole by refusing to extract files if a prefix of the
pathname is a symlink. The -P option disables this check.
Diffstat (limited to 'usr.bin/xargs')
0 files changed, 0 insertions, 0 deletions