Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: tar alternative

From: Aaron Gray <angray () beeb net>
Date: Fri, 15 Sep 2006 23:55:15 +0100
Tim wrote:

Don't. Untar. Archives. As. Root.

It's that simple.

Or are you also going to complain about the fact that there are tar
versions out there that don't strip a leading / from the archive?
Much fun can be had when you carelessly extract as root, then.


Hello,

Sorry to change the subject slightly here on this thread, but I was
wondering about this before the topic came up.

Given the problems with using the tar format for file distribution, are
there any other simple, non-compressed file-grouping formats out there
that weren't originally designed for backups (e.g. don't contain
usernames, permissions, etc)?  Something that can be a drop-in
replacement for tar and thus can integrate with gzip/bzip2 easily?
(Don't even say .zip)

There's probably one out there I'm completely naive about, but I haven't
seen one yet that would be a safer alternative.



cpio ?

It does the job of both tar and gzip. Try an :-

      info cpio
As for the Linux Kernel archives, I do not really think there is enough justification for a change in distribution format.
Most kernel coders either use non root account for untar'ing and making the kernel and do a 'sudo make install' anyway. 

My 0.02cents worth,

Aaron


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: