[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-tar] [PATCH] Intelligent subdirectory creation to guard against
|
From: |
Eric Blake |
|
Subject: |
Re: [Bug-tar] [PATCH] Intelligent subdirectory creation to guard against tarbombs |
|
Date: |
Thu, 08 Aug 2013 08:10:16 -0600 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7 |
On 08/08/2013 07:29 AM, Paul Eggert wrote:
> On 08/07/2013 10:57 PM, Connor Behan wrote:
>> If I've understood this, "tar -C foo -xf foo.tar.gz" would not
>> accomplish the goal. Typing "-C foo" takes almost as much time as typing
>> "mkdir foo". More importantly, the user would have to already know that
>> "foo.tar.gz" is a tarbomb to avoid adding a pointless level of depth.
>
> That objection applies to the --intelligent-subdir option too, no?
> Users would have to know about the new option, and would have to use it.
Except as a new option that requires no argument, it is easy to modify
the user's login scripts to set up an alias around tar, so that the
option is ALWAYS supplied in the user's given interactive environment,
where it does the right thing for both tarbombs and normal tar files
with all contents in a single directory.
There is a difference between an option that you can always turn on, and
the use of -C foo where the spelling of 'foo' differs per tar file and
thus cannot be aliased in.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature