[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-tar] [PATCH v2] Intelligent subdirectory creation to guard agai
|
From: |
Connor Behan |
|
Subject: |
Re: [Bug-tar] [PATCH v2] Intelligent subdirectory creation to guard against tarbombs |
|
Date: |
Tue, 13 Aug 2013 18:58:17 -0700 |
|
User-agent: |
Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130625 Thunderbird/17.0.7 |
On 12/08/13 01:25 PM, Paul Eggert wrote:
> I'm still not sold on this idea; I think it's too "intelligent",
> the documentation is hard to understand, and it'll be hard to
> explain to users.
>
> Could someone please explain why the '-k' option (which already
> exists) doesn't solve the problem? Perhaps we can build on -k.
When extracting a tarbomb, I guess it helps to use the -k option so that
no file is overwritten. However, that is not the main annoyance. Simply
having 10 extra loose files in the working directory is. The user
typically has to move them into a subdirectory one by one if the
filesystem is to stay organized.
The patch (1) detects if the file being extracted is a tarbomb and (2)
handles it gracefully if it is. If instead of (2) tar simply quit with
an error, I would also be somewhat happy because I don't encounter
tarbombs very often. This could be handled without adding a new option
if -k became "don't replace existing files or create more than one file
at the top level when extracting, treat them as errors". So -k would
become a broader kind of "play it safe while extracting" option.
signature.asc
Description: OpenPGP digital signature