github.com/mckael/restic@v0.8.3/changelog/0.8.0_2017-11-26/issue-1445

Security: Prevent writing outside the target directory during restore

A vulnerability was found in the restic restorer, which allowed attackers in
special circumstances to restore files to a location outside of the target
directory. Due to the circumstances we estimate this to be a low-risk
vulnerability, but urge all users to upgrade to the latest version of restic.

Exploiting the vulnerability requires a Linux/Unix system which saves backups
via restic and a Windows system which restores files from the repo. In
addition, the attackers need to be able to create files with arbitrary
names which are then saved to the restic repo. For example, by creating a file
named "..\test.txt" (which is a perfectly legal filename on Linux) and
restoring a snapshot containing this file on Windows, it would be written to
the parent of the target directory.

We'd like to thank Tyler Spivey for reporting this responsibly!

https://github.com/restic/restic/pull/1445
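
The class of check that closes this gap, as an added example (not restic's own code and not the fix from the pull request): an entry name read from a snapshot is treated as a single path component and refused if it contains a separator of either platform. `SafeJoin` and `ErrUnsafeName` are hypothetical names, and refusing the entry rather than renaming it is an assumption of this sketch.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrUnsafeName marks an entry name that must not be restored as-is.
var ErrUnsafeName = errors.New("unsafe entry name")

// SafeJoin (hypothetical helper) joins one entry name from a snapshot onto
// the restore target. A name is a single path component, so separators of
// either platform are rejected regardless of the OS doing the restore.
func SafeJoin(target, name string) (string, error) {
	if name == "" || name == "." || name == ".." {
		return "", ErrUnsafeName
	}
	// '\' is legal in Linux filenames but is a separator on Windows.
	if strings.ContainsAny(name, "/\\\x00") {
		return "", ErrUnsafeName
	}
	joined := filepath.Join(target, name)
	// Second check: the cleaned result must still be inside target.
	rel, err := filepath.Rel(target, joined)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrUnsafeName
	}
	return joined, nil
}

func main() {
	// Constructed sample names; the second is the one from the changelog entry.
	for _, name := range []string{"report.txt", `..\test.txt`, "..", "a/b"} {
		p, err := SafeJoin("restore-target", name)
		fmt.Printf("%q -> %q, err=%v\n", name, p, err)
	}
}
```

Because the separator test is explicit instead of relying on `filepath.Separator`, the result is the same on Linux and on Windows.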