
Bug#882177: busybox: unzip creates world-writable directories



Package: busybox
Version: 1:1.27.2-1
Tags: security

When busybox's unzip creates a directory that is not shipped directly in the zip file, it makes the directory world-writable:

  $ zipinfo moo.zip
  Archive:  moo.zip
  Zip file size: 112 bytes, number of entries: 1
  -rw-r--r--  3.0 unx        0 b- stor 17-Nov-19 22:51 moo/moo
  1 file, 0 bytes uncompressed, 0 bytes compressed:  0.0%

  $ busybox unzip moo.zip
  Archive:  moo.zip
    inflating: moo/moo

  $ ls -ld moo
  drwxrwxrwx 2 jwilk users 4096 Nov 19 22:03 moo


-- System Information:
Architecture: i386

Versions of packages busybox depends on:
ii  libc6  2.25-1

--
Jakub Wilk
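
An audit for the condition reported above, as an added example that is not part of the original report or of busybox: it lists the directories a zip archive needs but has no entry for, then checks whether any of them came out world-writable after extraction. The function names are hypothetical, the archive is constructed to match the moo.zip layout, and the drwxrwxrwx result is simulated with chmod rather than by running busybox.

```python
import io
import os
import stat
import tempfile
import zipfile


def implicit_dirs(zf):
    """Directories that entries need but the archive has no entry for."""
    names = zf.namelist()
    explicit = {n.rstrip("/") for n in names if n.endswith("/")}
    needed = set()
    for name in names:
        parts = name.rstrip("/").split("/")[:-1]
        if name.startswith("/") or ".." in parts:
            continue  # never audit paths that point outside the extraction root
        for i in range(1, len(parts) + 1):
            needed.add("/".join(parts[:i]))
    return sorted(needed - explicit)


def world_writable(root, rel_dirs):
    """Subset of rel_dirs under root that are real directories with o+w set."""
    bad = []
    for rel in rel_dirs:
        mode = os.lstat(os.path.join(root, rel)).st_mode
        if stat.S_ISDIR(mode) and mode & stat.S_IWOTH:
            bad.append(rel)
    return bad


def tighten(root, rel_dirs):
    """Clear the other-write bit on the listed directories."""
    for rel in rel_dirs:
        path = os.path.join(root, rel)
        os.chmod(path, stat.S_IMODE(os.lstat(path).st_mode) & ~stat.S_IWOTH)


def demo():
    # Constructed archive: one file "moo/moo" and no entry for "moo/" itself.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("moo/moo", b"")
    dirs = implicit_dirs(zipfile.ZipFile(buf))
    with tempfile.TemporaryDirectory() as root:
        # Simulated extraction result matching the ls -ld output in the report.
        os.mkdir(os.path.join(root, "moo"))
        os.chmod(os.path.join(root, "moo"), 0o777)
        before = world_writable(root, dirs)
        tighten(root, before)
        return dirs, before, world_writable(root, dirs)
```

Running the same check against a directory actually extracted with the affected unzip shows whether the installed version still produces the mode from the report.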

