zhangyiss/spack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sanitize ownership when extracting tarfiles (#31524)

Browse Source
This commit is contained in:
Jonathon Anderson 2022-07-12 02:28:24 -05:00 committed by GitHub
parent 5bd1074afb
commit 25f198aa91
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/spack/spack/util/compression.py
View File

@ -79,9 +79,15 @@ def _untar(archive_file):
if tar_support() and not uncompress_required and\ if tar_support() and not uncompress_required and\
not lzma_needed_and_not_available: not lzma_needed_and_not_available:
import tarfile import tarfile
tar = tarfile.open(archive_file)
tar.extractall() # Extract all members but wipe ownership info. This ensures we
tar.close() # will not attempt to chown the files as superuser.
def filter(tarinfo):
tarinfo.uid = tarinfo.gid = 0
tarinfo.uname = tarinfo.gname = 'root'
return tarinfo
with tarfile.open(archive_file) as tar:
tar.extractall(members=map(filter, tar.getmembers()))
else: else:
tar = which('tar', required=True) tar = which('tar', required=True)
tar.add_default_arg('-oxf') tar.add_default_arg('-oxf')