On Mon, Oct 21, 2019 at 05:34:44PM -0000, Christos Zoulas wrote:
> In article <[email protected]>,
> Joerg Sonnenberger <[email protected]> wrote:
> >On Mon, Oct 21, 2019 at 06:29:18AM -0700, Hisashi T Fujinaka wrote:
> >> On Mon, 21 Oct 2019, Martin Husemann wrote:
> >>
> >> > On Mon, Oct 21, 2019 at 11:54:44AM +0200, J. Hannken-Illjes wrote:
> >> > > Somewhere between NetBSD-8 and NetBSD-9 "tar" changed its behaviour
> >> > > when it has to extract a directory and the path exists as a symlink.
> >> >
> >> > I still believe it should be fixed, but Jörg disagrees. You need to use
> >> > -P now. See PR 54467.
> >>
> >> Yeah it's a real pain in my you-know-what. Is it Joerg vs everyone else?
> >
> >It is NetBSD pax vs pretty much any maintained tar implementation.
>
> Indeed, and it is a security issue to revert to the original tar behavior.
> The new behavior is clearly better from a security PoV.
> What I don't like about -P though is that it is an "all or nothing" deal:
>
> N Function                          PaX as Tar   Libarchive Tar
> ----------------------------------------------------------------------
> 1 keeping leading '/'               -P           -P
> 2 extracting files containing ".."  --insecure   -P
> 3 obeying existing symlinks         default      -P
>
> I would prefer to have a separate option that just does [3], but if upstream
> does not think it is useful it is better to live with -P.

Feel free to write a patch :) That said, I don't really see a point in
allowing one form of arbitrary file replacement and not another.

Joerg
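
The three rows of the table quoted above, as an added example that is not part of the original thread and is not code from pax or libarchive: a Python sketch that reports which rows apply to an archive member path before extraction. The names `table_rows` and `demo`, the temporary directory layout and the sample member paths are constructed for illustration.

```python
import os
import tempfile

def table_rows(dest, member):
    """Return the rows (1, 2, 3) of the quoted table that apply to archive
    member path `member` when it is extracted under directory `dest`."""
    rows = set()
    if member.startswith("/"):
        rows.add(1)                        # row 1: leading '/'
    parts = [p for p in member.split("/") if p not in ("", ".")]
    if ".." in parts:
        rows.add(2)                        # row 2: a ".." component
    # Row 3: some component of the path already exists on disk as a symlink.
    # Assumption of this sketch: the last component counts too, which is the
    # "directory where a symlink exists" case raised in the thread.
    cur = dest
    for part in parts:
        if part == "..":
            break                          # already reported as row 2
        cur = os.path.join(cur, part)
        if os.path.islink(cur):
            rows.add(3)
            break
    return rows

def demo():
    """Build a constructed tree with one symlink and classify sample members."""
    with tempfile.TemporaryDirectory() as root:
        dest = os.path.join(root, "dest")
        outside = os.path.join(root, "outside")
        os.mkdir(dest)
        os.mkdir(outside)
        os.symlink(outside, os.path.join(dest, "usr"))   # dest/usr points outside dest
        members = ["/etc/passwd", "a/../../x", "usr", "usr/bin/tool", "share/doc"]
        return {m: sorted(table_rows(dest, m)) for m in members}

if __name__ == "__main__":
    for member, rows in demo().items():
        print(f"{member:15} rows {rows or 'none'}")
```

A member that falls under any row can end up written outside the extraction directory, which is why the thread treats the three cases as one class of problem behind a single -P switch.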
