Full Disclosure mailing list archives
Re: tar alternative
From: Aaron Gray <angray () beeb net>
Date: Fri, 15 Sep 2006 23:55:15 +0100
Tim wrote:
Don't. Untar. Archives. As. Root. It's that simple. Or are you also going to complain about the fact that there are tar versions out there that don't strip a leading / from the archive? Much fun can be had when you carelessly extract as root, then.Hello, Sorry to change the subject slightly here on this thread, but I was wondering about this before the topic came up. Given the problems with using the tar format for file distribution, are there any other simple, non-compressed file-grouping formats out there that weren't originally designed for backups (e.g. don't contain usernames, permissions, etc)? Something that can be a drop-in replacement for tar and thus can integrate with gzip/bzip2 easily? (Don't even say .zip) There's probably one out there I'm completely naive about, but I haven't seen one yet that would be a safer alternative.
cpio ? It does the job of both tar and gzip. Try an :- info cpioAs for the Linux Kernel archives, I do not really think there is enough justification for a change in distribution format.
Most kernel coders either use non root account for untar'ing and making the kernel and do a 'sudo make install' anyway.
My 0.02cents worth, Aaron
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Linux kernel source archive vulnerable, (continued)
- Re: Linux kernel source archive vulnerable Hadmut Danisch (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Michael Gale (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Valdis . Kletnieks (Sep 09)
- Re: Linux kernel source archive vulnerable Ron (Sep 24)
- Re: Re: Linux kernel source archive vulnerable Jurjen Oskam (Sep 08)
- tar alternative Tim (Sep 08)
- Re: tar alternative Cristi Mitrana (Sep 08)
- Re: Re: tar alternative Tim (Sep 09)
- Re: Re: tar alternative darren kirby (Sep 09)
- Re: Re: tar alternative Tim (Sep 09)
- Re: tar alternative Aaron Gray (Sep 15)
- Re: tar alternative Tim (Sep 20)
- Re: tar alternative Jon Hart (Sep 20)
- Re: tar alternative Tonnerre Lombard (Sep 20)
- Re: Linux kernel source archive vulnerable Joe Feise (Sep 11)
- Re: Linux kernel source archive vulnerable coderpunk (Sep 12)
- Re: Re: Linux kernel source archive vulnerable Chris Umphress (Sep 12)
- Re: Linux kernel source archive vulnerable Schanulleke (Sep 15)
- Re: Linux kernel source archive vulnerable Troy Cregger (Sep 22)