[Hackage] #246: cabal-install's tar unpacking does not cope
well with links
Hackage
trac at galois.com
Sun Mar 9 09:02:20 EDT 2008
#246: cabal-install's tar unpacking does not cope well with links
---------------------------------+------------------------------------------
Reporter: duncan | Owner:
Type: defect | Status: closed
Priority: normal | Milestone:
Component: cabal-install tool | Version: 1.2.3.0
Severity: normal | Resolution: fixed
Keywords: | Difficulty: very easy (<1 hour)
Ghcversion: 6.8.2 | Platform:
---------------------------------+------------------------------------------
Changes (by kolmodin):
* status: new => closed
* resolution: => fixed
Comment:
{{{
Tue Mar 4 20:42:55 CET 2008 Lennart Kolmodin <kolmodin at gentoo.org>
* Fix defect when unpacking tar files containing links
There were two issues;
* Unpacking links that point to files not yet unpacked
* Used the link target as absolute path, but it's relative
This patch addresses both issues, which is ticket #246.
There may still be errors if a link refer to another link which has not
been unpacked yet.
}}}
We should think of sanity (and security) too, what if a link points
outside the working directory?
--
Ticket URL: <http://hackage.haskell.org/trac/hackage/ticket/246#comment:1>
Hackage <http://haskell.org/cabal/>
Hackage: Cabal and related projects
More information about the cabal-devel
mailing list