[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Lzip-bug] Tarlz 0.4: Use of 'ustar' format instead of 'posix'; ques

From: Antonio Diaz Diaz
Subject: Re: [Lzip-bug] Tarlz 0.4: Use of 'ustar' format instead of 'posix'; question about future of Tarlz utility
Date: Sat, 02 Jun 2018 20:04:22 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv: Gecko/20110420 SeaMonkey/2.0.14

Juan Francisco Cantero Hurtado wrote:
I think I have found an unexpected difficulty. It seems that the pax
format has a serious flaw not present in the ustar format. The
extended records in the pax extended header are not protected by any
checksum in spite of containing critical metadata (file size,
filename, file time,...). This may lead to several kinds of undetected

You can use a comment entry for the checksum of the headers or whatever
you want. Other tar tools will ignore the entry.

Exactly, *other tar tools will ignore the entry*, leading to a fragmented format[1] where, depending on how the file was created and on what unarchiver is used, the integrity check will be sometimes performed and sometimes not.

[1] http://www.nongnu.org/lzip/xz_inadequate.html#fragmented

reply via email to

[Prev in Thread] Current Thread [Next in Thread]