Jan-Benedict Glaw <[EMAIL PROTECTED]> wrote:
> > If you like to compare this, you would need to either call star as "tar"
> > or tell star to be as insecure as GNU tar is.
> >
> > So test again with "star -no-fsync ..."
>
> Is `-no-fsync' the only difference? How much more secure does this
> make star over tar? My guestimation tells me that there's only really
> a difference in case of a system crash during/right after tarball
> extraction.
I have seen unfixable (via fsck) filesystemn corruption on Linux after a
power outage a short time after extracting a bigger filesystem tree.
If you like to evaluate the exit code of any tar, this only makes
sense if the tar implementation calls fsync() before close(). If it
does not call fsync(), a zero exit code does not grant anything.
Star (called under the name "star") implements other deviations from the
behavior of the classical UNIX tar, e.g. different defaults for the unlink()
setup in extract mode.
tar -x
is equivalent to:
star -xU -force-remove -remove-first -keep-nonempty-dirs -no-fsync \
-bsdchdir
cpio -iu
is equivalent to:
star -xpU -xdir -install -force-remove -remove-recursive -no-fsync \
bs=1b -pax-match
This shows that (although not documented) cpio may remove non-empty
directories without asking.
Jörg
--
EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni)
[EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
