Red Hat Bugzilla – Bug 4725
wget should not chmod mirrored symlinks to 0777
Last modified: 2008-05-01 11:37:51 EDT
Assume the maintainer of an anonymous ftp site is malicious
toward someone who uses wget to mirror his site. He could
put in simlinks such as
a -> ..
b -> ../..
c -> ../../..
d -> ../../../..
s -> /bin/sh
Those will all be listed as having 0777 perms since all
simlinks do. If wget --mirror, for example, is used to
mirror this ftp site and the wget user is not aware of
the presence of those links (among a bunch of others files),
wget will do ``chmod 0777 l'' on the copy of link l thereby
effectively changing the permission of the pointed-to file,
if the wget user has the right to do so. This could then be
used by a local user of the system running wget.
I will send a patch for this which I submitted to
email@example.com without receving an answer for 2 months.
Fixed in wget-1.5.3-5. Thanks for the patch.