[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files
|
From: |
Paul Eggert |
|
Subject: |
Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files |
|
Date: |
Fri, 20 Apr 2012 02:40:29 -0700 |
|
User-agent: |
Mozilla/5.0 (X11; Linux i686; rv:11.0) Gecko/20120329 Thunderbird/11.0.1 |
On 04/20/2012 12:15 AM, Stefan Tomanek wrote:
> Dies schrieb Paul Eggert (address@hidden):
>> Why just ENOENT? Can't similar race conditions also
>> generate errno values like ELOOP, EACCESS, ENOTDIR?
>
> I have not encountered those yet.
They would be less likely in practice I expect, but
clearly they're possible.
>> More generally, why use find + tar? The combination
>> seems inherently unsafe. An attacker with
>> write access to the file system could cause the combination
>> to archive the "wrong" file, for example.
>
> Because find has more possibilities to select a subset of files to save
Which possibilities do you use in practice? Perhaps these can
be added to 'tar'; that would avoid the security issues
with the find+tar approach.
- [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Stefan Tomanek, 2012/04/19
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Paul Eggert, 2012/04/19
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Stefan Tomanek, 2012/04/20
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files,
Paul Eggert <=
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Stefan Tomanek, 2012/04/20
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Paul Eggert, 2012/04/20
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Stefan Tomanek, 2012/04/20
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Paul Eggert, 2012/04/20
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Stefan Tomanek, 2012/04/21
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Joerg Schilling, 2012/04/21
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Paul Eggert, 2012/04/21
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Joerg Schilling, 2012/04/22
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Paul Eggert, 2012/04/22
- Re: [Bug-tar] [PATCH] add --ignore-missing to ignore missing input files, Joerg Schilling, 2012/04/22