[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: tarfs implementation

From: Kenneth Stailey
Subject: Re: tarfs implementation
Date: Wed, 20 Mar 2002 10:51:38 -0800 (PST)

--- Richard Kreuter <> wrote:
> On Tue, Mar 19, 2002 at 03:39:05PM +0100, Ludovic Courts wrote:
> > 
> > Several people have recently talked about the potential security
> > risks implied by the use of a tarfs server. Since this is a quite
> > famous example, I'm wondering: has anyone already started
> > implementing it? If not, I would be interested in trying to dive
> > into it (even though I actually don't know much about tar, while
> > Thomas Bushnell has been involved in its development, right?).
>   There are some discussions of this in the list archives of
> debian-hurd and bug-hurd.  If I understand and remember these
> discussions correctly, the first thing for an enterprising hacker to
> do is to add some gnu extensions to tar (e.g. to store and restore
> translator settings, node author fields, permissions for users without
> auth tokens and so forth).  However, the tar source has been described
> as being pretty hairy, and not for the fainthearted.
> Hope that helps,
> Richard

Perhaps a new archive format should be developed to deal with The HURD.  This
does not necessarily preclude developing extensions to tar or other incumbent
formats but rather it could speed up the availability of a working backup
utility for The HURD.  Important lessons could also be learned that would help
with development of more compatible software.

Do You Yahoo!?
Yahoo! Sports - live college hoops coverage

reply via email to

[Prev in Thread] Current Thread [Next in Thread]