An official version of the popular 7-zip archiving program has been released for Linux for the first time.
Linux already had support for the 7-zip archive file format through a POSIX port called p7zip but it was maintained by a different developer.
As the p7zip developer has not maintained their project for 4-5 years, 7-Zip developer Igor Pavlov decided to create a new official Linux version based on the latest 7-Zip source code.
Pavlov has released 7-Zip for Linux in AMD64, ARM64, x86, and armhf versions, which users can download at the following links:
- 7-Zip for 64-bit Linux x86-64 (AMD64)
- 7-Zip for 64-bit Linux ARM64
- 7-Zip for 32-bit Linux x86
- 7-Zip for 32-bit Linux armhf
This first version of 7-Zip for Linux is released as a console application and has similar, but not identical, command-line arguments as p7zip.
While Pavlov has not released the source yet, he shared some information on how it has been compiled. As he self-admittedly does not work with Linux, he has requested other developers' advice on the best way to compile the program.
"These new 7-Zip binaries for Linux were linked (compiled) by GCC without -static
switch. And compiled 32-bit executables (x86 and armhf) didn't work on some arm64 and amd64 systems, probably because of missing of some required .so
files."
"Please write here, if you have some advices how to compile and link binaries that will work in most Linux systems," Pavlov stated on his release page.
Pavlov is also asking users to benchmark the 7-Zip for Linux's performance on various systems using the following command:
./7zz b "-mm=*" "-mmt=*" -bt > bench.txt
Users can then upload their bench.txt report as a comment on 7-Zip for Linux's release page to be reviewed for bugs and potential performance enhancements.
While this is great news for Linux users who prefer to use 7-Zip, a recent tweet by Google software engineer Christian Blichmann raises mysterious concerns about 7-zip's source code.
PSA: After having looked into p7zip and recent 7-zip source code, I *strongly* suggest everyone to put it in a sandbox.
— Christian Blichmann (indistinct radio chatter) (@AdmVonSchneider) March 9, 2021
In a Twitter thread posted last night, Blichmann explains the reasoning for his prior tweet. TLDR: Nothing wrong with 7-zip but Blichmann had recommendations to make it more secure.
No, this has nothing to do with recent Exchange 0-days.
— Christian Blichmann (indistinct radio chatter) (@AdmVonSchneider) March 11, 2021
I mostly looked at ancient p7zip has unpatched issues that can easily be found by fuzzing. They are not necessarily exploitable. 2/n
Update 3/12/21 with Blichmann reasoning for the comments.
Comments
GT500 - 3 years ago
Christian Blichmann elaborated about his warning in the Twitter thread. It appears to come down to security concerns about archivers in general, and the security track record of especially p7zip in the past. He also makes some general recommendations for the development of 7-Zip.
InfoLibre - 3 years ago
PeaZip is available for Linux, BSD : https://peazip.github.io