[PATCH] - Adds TAR_SEC_CAPABILITY feature to tar
Bernhard Reutner-Fischer
rep.dot.nop at gmail.com
Wed Jan 8 10:34:23 UTC 2020
On 7 January 2020 01:25:17 CET, Cole Dishington <Cole.Dishington at alliedtelesis.co.nz> wrote:
>Package: busybox
>
>Version: v131.1
>Severity: wishlist
>
>
>This patch adds the ability for tar to extract security capabilities,
>stored in pax headers. I have tested this on Linux Ubuntu x86_64 and it
>works. I have tested it against GNU tar and the outputs are the same
>(except for the use of setxattrat vs setxattr in a warning message). I
>have ran the tests in the testsuite directory, and nothing breaks.
>
>
>File capabilities divide the permissions of superuser into distinct
>units, these finer grained permissions aid in securing systems. For
>this reason it would be good to get these added to busybox tar.
Please send patches with signed-off-by line.
Also, please use xmalloc instead of malloc (or xstrdup for that matter).
Furthermore, wouldn't you want to sanity check the length?
Bonus points if you add bloat-o-meter output to your patch submission; make baseline; apply the patch and make bloatcheck.
TIA,
More information about the busybox
mailing list