On Tue, Mar 19, 2002 at 03:39:05PM +0100, Ludovic Courts wrote: > > Several people have recently talked about the potential security > risks implied by the use of a tarfs server. Since this is a quite > famous example, I'm wondering: has anyone already started > implementing it? If not, I would be interested in trying to dive > into it (even though I actually don't know much about tar, while > Thomas Bushnell has been involved in its development, right?).
There are some discussions of this in the list archives of debian-hurd and bug-hurd. If I understand and remember these discussions correctly, the first thing for an enterprising hacker to do is to add some gnu extensions to tar (e.g. to store and restore translator settings, node author fields, permissions for users without auth tokens and so forth). However, the tar source has been described as being pretty hairy, and not for the fainthearted. Hope that helps, Richard _______________________________________________ Help-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/help-hurd
