Re: Possible bug

bug-tar

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Possible bug

From:	Bob Proulx
Subject:	Re: Possible bug
Date:	Wed, 28 Apr 2021 16:05:43 -0600

Karlis Abele | Printful wrote:
> *How to reproduce:*

Thank you for the simple test case.

> Create an archive like so *tar -zcf test.tar.gz .*

At that point there are two problems of usage.

1. Creating the output file in the same directory that is getting archived

This is not a good practice.  It creates a situation where the order
of actions matters.  For example if one decided to do this twice then
test.tar.gz will get included into the archive that is being created
in test.tar.gz which can have bad effects.  Of course the first time
around it all depends upon if tar reads the input directory before or
after creating the output file.  Best to avoid it and put the output
archive into a different directory.

2. Creating an archive of "."

This is not a good practice.It is rarely done.  Usually if one is
going to archive up files in a directory they would archive ./* so as
to match the files.  Of course one needs to know that * does not match
hidden files (files that start with a dot) and usually that is the
right thing to do.  And that it will recursively archive all
directories that matched too.

> And extract it somewhere *tar -zxf test.tar.gz -C /var*
> Now the /var ownership is *1234:1234*

As expected because "." was 1234:1234 in your input and it was copied
to the output.  It is doing exactly what it has been told to do.  This
is exactly the same as if one were to have copied dot there "cp -a . /var".
It's the same thing.  And the same reason why it is against good practice.

Have you ever accidentally cut yourself with a kitchen knife?  Of
course everyone who cooks has at one time or another cut themselves
with the kitchen knife.  Kitchen knives are dangerous.  Kitchen knives
are sharp.  Therefore we must remove all knives from the kitchen and
ban their use there.  Now go cook!  Obviously that will now be very
difficult.  And therefore instead we learn how to use kitchen knives
with skill.

> This means that if for example I extract the archive that is created in a
> similar manner to for example /root, it will mess up the root directory
> ownership (possibly) and can pretty much brick the instance

Yes.  Don't do that.

> I understand that there are flags regarding ownership and permissions when
> extracting archives, but I do think that using the . should not make it so
> that after extracting the archive it changes ownership of the target
> directory

But that is exactly what it should do since that is exactly what it
was told to do.  The solution is not to tell it to do it.

Sometimes people watch Hollywood movies and think we have arrived at a
point in time where programs can be artificially intelligent enough to
know when we are doing something bad and could then warn us of this
bad thing.  Perhaps they could become a guardian to us preventing us
from ever getting hurt.  Maybe one day that dream will be realized but
as of yet that is simply not possible.  It is impossible to have a
kitchen that works without having a kitchen knife in it and it is
impossible for the program to know when something it has been
instructed to do is bad too.  Instead we must use our kitchen knives
with care when cooking in the kitchen.

Bob

[Prev in Thread]

Current Thread

[Next in Thread]

Possible bug, Karlis Abele | Printful, 2021/04/27
- Re: Possible bug, Sergey Poznyakoff, 2021/04/27
- Re: Possible bug, Bob Proulx <=

Prev by Date: Re: Possible bug
Next by Date: tar ignores --user and --group parameter with root user
Previous by thread: Re: Possible bug
Next by thread: '--strip-components=NUMBER' option does work as expected
Index(es):
- Date
- Thread