[ACL-Devel] tar file format?

Linda Walsh law@sgi.com
Fri, 14 Apr 2000 07:56:10 -0700 

Andreas Gruenbacher wrote:
> That is exactly the problem. You don't even realize tar fills your /tmp/
> directory with things you have no use for. I'd prefer to see a warning message
> instead.
---
	No, you misunderstand -- it is a 'constant' filename.  So it overwrites
the same file again and again -- no 'filling' of your /tmp.

> There's another reason /tmp/.foo is bad: Who tells you there is a /tmp directory
> in the first place? Lots of people will extract tar files on one of the
> best-sellers from Redmont, for example...
---
	If you want an archive to be portable to all systems, then it would be
safest not to include MAC/ACL/CAP information since most systems don't support
it.  The "-M" flag is to include attr information with the intent that the 
attr information will later be restored to a compatible system -- one that
has the same users defined (else ACL is useless) and has same MAC levels, categories
and divisions (othereise that information is also useless).  CAP's might be
portable between compatible Linux systems that support CAP's in the same way --
but this is a very narrow case, we are talking about.  Not a general file disribution
mechanism.

	BTW -- it's been pointed out to me that for B1 security, only MAC is
required.  Capabilities are not strictly required until B3.  ACL's are not required
until at least B2 or above (not sure if they are mandated at all).

	You can read the current C2 (now called CAPP) and B1 (now LSPP) at
> 
> Andreas
> 
> ------------------------------------------------------------------------
>  Andreas Gruenbacher, a.gruenbacher@computer.org
>  Contact information: http://www.bestbits.at/~ag/

-- 
Linda A Walsh                    | Trust Technology, Core Linux, SGI
law@sgi.com                      | Voice: (650) 933-5338
-------------------------------------------------------------------------
Linux ACL Developers List ---  http://acl.bestbits.at/acl-devel/

To unsubscribe, send a message with `unsubscribe acl-devel'
in the message body to majordomo@bestbits.at.
-------------------------------------------------------------------------