On Fri, 25 Sep 1998, der Mouse wrote: > But this sort of thing is why, quite some time ago, I added a key (I > picked "j") to my tar to watch for exactly this kind of thing: add j to > an x operation and tar will refuse to extract such things. Is this a patch you can release? Why do you provide the option of not doing this checking? > * This code is full of potential races, That's an interesting thing to point out. I can't count the number of tar files I've extracted that had world-writable directories in them. The races you mention exist in just ordinary tar, as well as your modified version, I assume. > Of course, on systems with symlink modes this will break for an archive > that looks like > > --x--x--x ./foo -> /etc > rwxrwxrwx ./foo/profile > > because it won't be able to readlink() the extracted symlink. I assume this means that you're using readlink() to tell if it's a symlink or not. Can't you use lstat() and ISLNK()? Or is ISLNK not portable? Kragen -- <kragenat_private> Kragen Sitaker <http://www.pobox.com/~kragen/> The sages do not believe that making no mistakes is a blessing. They believe, rather, that the great virtue of man lies in his ability to correct his mistakes and continually make a new man of himself. -- Wang Yang-Ming
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:17:48 PDT