If a filesystem holds a symlink pointing to a file located within a directory the process user has no access to, an unhandled PermissionError exception will be raised and stop the extraction.
In the attached sample, the badlink file points to /etc/ssl/private/ssl-cert-snakeoil.key. This file can't be read due to permissions on /etc/ssl/private:
ls -al /etc/ssl
total 52
drwxr-xr-x 4 root root 4096 feb 28 09:57 .
drwxr-xr-x 204 root root 12288 apr 10 14:11 ..
drwxr-xr-x 3 root root 16384 jun 8 2023 certs
-rw-r--r-- 1 root root 12419 feb 6 2023 openssl.cnf
drwx--x--- 2 root ssl-cert 4096 jun 8 2023 private
When calling .exists(), pathlib follows the symlink and calls stat() on the destination. Since the destination is in a directory that can't be read, the stat call fails.
One solution would be to use the follow_symlinks attribute of exists(), but it's only available since Python 3.12 so it's a no go.
File "/home/quentin/.local/lib/python3.10/site-packages/unblob/extractor.py", line 102, in _fix_extracted_directory
fix_permission(path)
File "/home/quentin/.local/lib/python3.10/site-packages/unblob/extractor.py", line 26, in fix_permission
if not path.exists():
File "/usr/lib/python3.10/pathlib.py", line 1290, in exists
self.stat()
If a filesystem holds a symlink pointing to a file located within a directory the process user has no access to, an unhandled
PermissionError
exception will be raised and stop the extraction.In the attached sample, the
badlink
file points to/etc/ssl/private/ssl-cert-snakeoil.key
. This file can't be read due to permissions on/etc/ssl/private
:When calling
.exists()
, pathlib follows the symlink and callsstat()
on the destination. Since the destination is in a directory that can't be read, thestat
call fails.One solution would be to use the follow_symlinks attribute of
exists()
, but it's only available since Python 3.12 so it's a no go.Sample: sample.zip
Stack trace: