Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files

[Stefan Tomanek]

Dies schrieb Paul Eggert (address@hidden):

> On 04/20/2012 03:30 PM, Stefan Tomanek wrote:
> > Is there any argument against the original patch
> 
> Well, sure: it is a hack that doesn't solve
> the problem, and it might lead to similar
> future workaround hacks that will continue to
> increase tar's complexity and still not solve
> the problem.

So are --ignore-command-error and --ignore-failed-read. It should be the users
choice whether a missing file yields a warning or an error.

> And besides, it sounds like 'tar' can handle
> the situation in question, or something pretty close
> to it, without needing any changes.

How would you achieve the following with tar alone?

find / -xdev -cnewer /var/backups/lastrun -path '/var/cache/*' ! -type d -prune 
-o -print0 -fls /var/backups/filelist \ |
        tar cpf - --no-unquote --no-recursion --null -T -

> I don't have a specific scenario, no, since I don't
> know the exact situation.  But the basic problem is a
> race condition between the time the file is chosen by 'find'
> to dump (or to not dump), and the time the file name is
> presented to 'tar'.  I worry that an attacker could cause
> victim files to not be dumped, or conversely could cause
> files to be dumped when they should not be.

Then -T should probably removed from tar. I still don't understand how someone
can remove the files of another user from the filesystem before tar reaches
them.