Skip Menu |

This queue is for tickets about the Archive-Zip CPAN distribution.

Report information
The Basics
Id: 14128
Status: open
Priority: 0/
Queue: Archive-Zip

People
Owner: Nobody in particular
Requestors: ak2 [...] smr.ru
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in: (no value)
Fixed in: (no value)



Subject: Non-root can't do extractTree for archs containing dirs w/o own-writable perm.
Hello, The problem is that if an arch contains dirs with permissions not allowing an owner to write, then this arch tree can't be extracted by non-root. As an example of such an arch the attached test.zip can be used. It contains dir test_dir and file test_dir/test_file: #ls -lR . .: total 4 dr-xr-xr-x 2 nobody nobody 4096 Aug 11 13:19 test_dir ./test_dir: total 4 -r--r--r-- 1 nobody nobody 9 Aug 11 13:30 test_file Try to extractTree the arch into /tmp/ as nobody(assuming you're root): su nobody -c 'perl -MArchive::Zip -e'\'' $z=Archive::Zip->new(); $z->read($ARGV[0]); $z->extractTree("", "/tmp/")'\'' test.zip' -s /bin/sh It fails: IO error: Can't open file /tmp/test_dir/test_file for write : Permission denied at /usr/lib/perl5/site_perl/5.8.6/Archive/Zip.pm line 1791 Archive::Zip::Member::extractToFileNamed('Archive::Zip::ZipFileMember=HASH(0x8c14e0c)', '/tmp/test_dir/test_file') called at /usr/lib/perl5/site_perl/5.8.6/Archive/Zip.pm line 1179 Archive::Zip::Archive::extractTree('Archive::Zip::Archive=HASH(0x8bf9d4c)', '', '/tmp/') called at -e line 1 Yet it could be done with unzip: su nobody -c 'unzip -d /tmp test.zip' -s /bin/sh Archive: test.zip creating: /tmp/test_dir/ extracting: /tmp/test_dir/test_file I suggest to make all arch items own-writable while extracting an arch tree (in extractToFileNamed called from extractTree) and then set properly all permissions after extraction (in extractTree) Suggested patch will be attached to the next post. After this patch has been applied, the test.zip attached is extracted perfectly. Best regards Alexey Kravchuk
Download test.zip
application/x-zip-compressed 305b

Message body not shown because it is not plain text.

Trying to clean up some RT tickets here. Is this still an issue? Does the latest revision fix the problem?