From owner-freebsd-audit@FreeBSD.ORG  Sat Jul  3 12:02:12 2004
Return-Path: <owner-freebsd-audit@FreeBSD.ORG>
Delivered-To: freebsd-audit@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id EB8EA16A4CE; Sat,  3 Jul 2004 12:02:12 +0000 (GMT)
Received: from fillmore.dyndns.org (port-212-202-50-15.dynamic.qsc.de
	[212.202.50.15])	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 8708B43D5A; Sat,  3 Jul 2004 12:02:12 +0000 (GMT)
	(envelope-from eikemeier@fillmore-labs.com)
Received: from dhcp-5.local ([172.16.0.5] helo=localhost)
	by fillmore.dyndns.org with esmtp (TLSv1:DES-CBC3-SHA:168)
	(Exim 4.34 (FreeBSD))
	id 1BgjDc-000Idj-7l; Sat, 03 Jul 2004 14:02:11 +0200
Date: Sat, 3 Jul 2004 14:02:35 +0200
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v482)
To: Tim Kientzle <kientzle@freebsd.org>
From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
In-Reply-To: <40DE6FBA.1010801@freebsd.org>
Message-Id: <DF07AEAE-CCE8-11D8-9FE1-00039312D914@fillmore-labs.com>
Content-Transfer-Encoding: 7bit
User-Agent: KMail/1.5.9
cc: arch@freebsd.org
cc: re@freebsd.org
cc: audit@freebsd.org
Subject: Re: RFC: bsdtar in 5.3
X-BeenThere: freebsd-audit@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: FreeBSD Security Audit <freebsd-audit.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-audit>,
	<mailto:freebsd-audit-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-audit>
List-Post: <mailto:freebsd-audit@freebsd.org>
List-Help: <mailto:freebsd-audit-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-audit>,
	<mailto:freebsd-audit-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Jul 2004 12:02:13 -0000

Tim Kientzle wrote:

> I would like to make bsdtar the default
> FreeBSD system tar for -CURRENT within
> the next week or so.
>
> That should give it broad enough usage
> over the next couple of months to prove
> that it's ready for 5-STABLE.
>
> My plan:
>
>   * Make /usr/bin/tar default to a symlink
>     to /usr/bin/bsdtar as soon as possible.
>     (Currently, it defaults to /usr/bin/gtar
>     unless you build WITH_BSDTAR.)
>
>   * Leave /usr/bin/gtar in the base system
>     through the 5.x cycle.
>
>   * For 6.0, remove /usr/bin/gtar and rename
>     /usr/bin/bsdtar to /usr/bin/tar.
>
> Any objections, suggestions, or comments?

I support making bsdtar the default, and plan to integrate libtar into 
the package tools.

Are there any plans to do an security audit of bsdtar? This may be an 
important issue, since tar is often used running as root to unpack 
downloaded archives.

-Oliver