 Relationships |
|
| Anonymous | Login | Signup for a new account | 11-10-2008 11:18 PST |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0001477 | [BusyBox] Documentation | minor | always | 08-28-07 15:11 | 09-13-07 08:17 | ||||
| Reporter | basagalar | View Status | public | ||||||
| Assigned To | BusyBox | ||||||||
| Priority | normal | Resolution | fixed | ||||||
| Status | closed | Product Version | |||||||
| Summary | 0001477: cp does not work with /dev files | ||||||||
| Description | I have upgraded to 1.6.1 and noticed that when I want to copy an image to a device node (a block device), cp was basically overwriting the device file with an actual copy of the image, instead of copying it to the device. This issue is not present on v1.4.0, cp works fine with /dev nodes | ||||||||
| Additional Information | |||||||||
| Attached Files | |||||||||
|
|
|||||||||
|
Relationships |
|
|
Notes |
|
|
(0002702) vda 08-29-07 03:48 edited on: 08-29-07 04:07 |
You are doing "cp file /dev/disk". You expect cp to open and overwrite /dev/disk. However, think what will happen if I do this: cp -a /backups/etc /tmp and malicious user created /tmp/etc/passwd symlink which points into his file? In order to prevent this, I should check beforehand whether /tmp/etc exists, and this stil isn't fail-safe - user can create /tmp/etc after I did the check, but before I do cp. Another example: user asked me to restore *his* homedir from backup. A friendly admin does this: cp -a /backups/home/user /home But user is malicious and he has created /home/user/new_passwd symlink which points to /etc/passwd, and backup also has user/new_passwd (as ordinary file). I consider this unacceptable. Yes, I can be paranoid, remember all these small nasty things and never copy stuff into /tmp, and do a zillion of checks when I copy stuff to user's dirs. But I rather don't. I want cp to NOT overwrite existing files, I want it to unlink and re-create them. I know that it isn't POSIX compliant. I think sanity sometimes is more important than POSIX. Back to your needs. Why can't you use "cat file >/dev/disk"? |
|
(0002739) jackson 09-13-07 00:45 |
Can anyone give me the exact steps to reproduce this scenario. |
|
(0002740) vda 09-13-07 08:17 |
Fixed in svn, will be in 1.7.1 http://busybox.net/downloads/fixes-1.7.0/busybox-1.7.0-cp.patch [^] |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 08-28-07 15:11 | basagalar | New Issue | |
| 08-28-07 15:11 | basagalar | Status | new => assigned |
| 08-28-07 15:11 | basagalar | Assigned To | => BusyBox |
| 08-29-07 03:48 | vda | Note Added: 0002702 | |
| 08-29-07 04:06 | vda | Note Edited: 0002702 | |
| 08-29-07 04:07 | vda | Note Edited: 0002702 | |
| 09-13-07 00:45 | jackson | Note Added: 0002739 | |
| 09-13-07 08:17 | vda | Status | assigned => closed |
| 09-13-07 08:17 | vda | Note Added: 0002740 | |
| 09-13-07 08:17 | vda | Resolution | open => fixed |
| Copyright © 2000 - 2006 Mantis Group |  |
