Full Disclosure mailing list archives
Re: tar alternative
From: Tim <tim-security () sentinelchicken org>
Date: Wed, 20 Sep 2006 15:53:06 -0400
cpio ? It does the job of both tar and gzip. Try an :- info cpio
I am familiar with cpio, but as I said, I was hoping for a format that does not contain usernames and other metainformation that is not necessary for software distribution. I believe cpio is meant for backups is it not? I don't believe a format meant for backups is a great thing to use for software distribution.
As for the Linux Kernel archives, I do not really think there is enough justification for a change in distribution format.
Right, well I did take the thread my own way, and am posing this as a more general question on software distribution. Certainly I don't know of another format at this point that would be a better way to distribute it, and the original poster's concerns probably don't have a major impact on most people.
Most kernel coders either use non root account for untar'ing and making the kernel and do a 'sudo make install' anyway.
Well, the whole idea that having to use a non-root account to unpack some files has always been rediculous to me. Sure, given the way tar behaves, it is insane not to, but for a software distribution tool, making this a requirement is pretty lame. Changing tar's behavior to be safer is possible, but would likely degrade the ability of tar to be a good backup tool. The use cases for each type of tool are simply different. thanks for your response, tim _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Re: Linux kernel source archive vulnerable, (continued)
- Re: Re: Linux kernel source archive vulnerable Michael Gale (Sep 08)
- Re: Re: Linux kernel source archive vulnerable Valdis . Kletnieks (Sep 09)
- Re: Linux kernel source archive vulnerable Ron (Sep 24)
- Re: Re: Linux kernel source archive vulnerable Jurjen Oskam (Sep 08)
- tar alternative Tim (Sep 08)
- Re: tar alternative Cristi Mitrana (Sep 08)
- Re: Re: tar alternative Tim (Sep 09)
- Re: Re: tar alternative darren kirby (Sep 09)
- Re: Re: tar alternative Tim (Sep 09)
- Re: tar alternative Aaron Gray (Sep 15)
- Re: tar alternative Tim (Sep 20)
- Re: tar alternative Jon Hart (Sep 20)
- Re: tar alternative Tonnerre Lombard (Sep 20)
- Re: Linux kernel source archive vulnerable Joe Feise (Sep 11)
- Re: Linux kernel source archive vulnerable coderpunk (Sep 12)
- Re: Re: Linux kernel source archive vulnerable Chris Umphress (Sep 12)
- Re: Linux kernel source archive vulnerable Schanulleke (Sep 15)
- Re: Linux kernel source archive vulnerable Troy Cregger (Sep 22)