--- Richard Kreuter <[EMAIL PROTECTED]> wrote: > On Tue, Mar 19, 2002 at 03:39:05PM +0100, Ludovic Courts wrote: > > > > Several people have recently talked about the potential security > > risks implied by the use of a tarfs server. Since this is a quite > > famous example, I'm wondering: has anyone already started > > implementing it? If not, I would be interested in trying to dive > > into it (even though I actually don't know much about tar, while > > Thomas Bushnell has been involved in its development, right?). > > There are some discussions of this in the list archives of > debian-hurd and bug-hurd. If I understand and remember these > discussions correctly, the first thing for an enterprising hacker to > do is to add some gnu extensions to tar (e.g. to store and restore > translator settings, node author fields, permissions for users without > auth tokens and so forth). However, the tar source has been described > as being pretty hairy, and not for the fainthearted. > > Hope that helps, > Richard
Perhaps a new archive format should be developed to deal with The HURD. This does not necessarily preclude developing extensions to tar or other incumbent formats but rather it could speed up the availability of a working backup utility for The HURD. Important lessons could also be learned that would help with development of more compatible software. __________________________________________________ Do You Yahoo!? Yahoo! Sports - live college hoops coverage http://sports.yahoo.com/ _______________________________________________ Help-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/help-hurd
