7zip password protected archives allow adding files with no psw?
A free file archiver for extremely high compression
Brought to you by:
ipavlov
Menu
▾
▴
#2484 7zip password protected archives allow adding files with no psw?
Probably I'm going crazy but I think I found a bug of some kind with 7zip.
If I open a password protected .7z file (with no filename encryption) I can see its content. And it's the expected behaviour.
But what's not expected is that I can add a file to the package without being asked for the archive password.
So IMHO the reason can be one of these two:
- 7zip stores somewhere the password I used several days ago when I created the archive;
- 7zip prevents the extraction of files from password protected archives but doesn't prevent the adding.
Can anyone confirm this is a real bug?
Thanks
7zip version 24.05 (x64)
Windows 11 Pro last version availble
Archive is something like usual folder.
Some files in archive can be encryped and some files can be unencrypted.
And default operation is add unencrypted file.
Thank you Igor for your prompt reply but this is the worst news I could receive today.
Does that mean that I have 7z archives that could be safe and others that could be partially unsafe? Without any clue to understand which files are eventually affected?
Why doesn't 7zip offer an option to prevent this behavior from happening? Because you can agree with me that such an obscure and not intuitive behavior is a security hole.
I can't find a single use case for which a password protected archive could contain mixed content but probably it's me lacking fantasy.
So if I well understand adding a file to a crypted archive is impossible and I have to recreate it from scratch. Is it correct?
You can open archive and look method column to see that file was encrypted.