Re: bin/55815: tar opens device files

[David Holland <dholland-bugs%netbsd.org@localhost>]

The following reply was made to PR bin/55815; it has been noted by GNATS.

From: David Holland <dholland-bugs%netbsd.org@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: bin/55815: tar opens device files
Date: Fri, 4 Jun 2021 17:09:53 +0000

 On Wed, Nov 25, 2020 at 07:10:01PM +0000, Robert Elz wrote:
  >  | No, it is about ensuring that the extattr and ACL actually belong to the
  >  | same object as the rest of the permissions.
  >  
  >  Ah, OK.
  >  
  >  Is this for creating the archive, or extracting it?
  >  
  >  In the creating case, does it really matter?   If the filesystem is
  >  changing while attempting to create an archive, then there's got to
  >  be race conditions, and while it would be nice to correctly add either
  >  the before, or the after to the archive, I'm not sure that's important
  >  enough to really matter.
 
 I am sure there are people who do backups by tar -c / while the system
 is live, and in general even if that doesn't generate a fully
 consistent snapshot it would probably be bad for it to result in wrong
 and possibly malicious permissions after restore.
 
 However, it also seems foolish to pretend this is a real issue for
 device nodes, so it seems like a perfectly adequate solution is for
 tar to check for device nodes and not open them. Adding another open
 mode seems like severe overkill. (O_NONBLOCK is sufficient for named
 pipes.)
 
 (What does tar do with filesystem sockets? You can't open them.)
 
 Also, devices that do things at open time aren't going away, and it's
 perfectly reasonable to have ACLs on devices, so just ignoring the
 situation or bypassing it for non-ACL filesystems isn't the answer.
 
 -- 
 David A. Holland
 dholland%netbsd.org@localhost