Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

is tar secure

0 views
Skip to first unread message

odbi...@spamu.pl

unread,
Nov 21, 2008, 3:50:15 AM11/21/08
to
Hi.

Do tar verify binary conformity (something like md5sum) original files with that it put in archive file?

Thanks in advance,
os

b.jeswine

unread,
Nov 21, 2008, 4:25:54 AM11/21/08
to
In news:gg5so7$d7u$1...@news.onet.pl,
odbi...@spamu.pl <odbi...@spamu.pl> typed:

> Do tar verify binary conformity (something like md5sum) original
> files with that it put in archive file?

$ tar --help | grep verify
-W, --verify attempt to verify the archive after writing it

Barry Margolin

unread,
Nov 21, 2008, 4:30:24 AM11/21/08
to

That checks at the time it's writing it. It doesn't store the hash in
the archive, so if the file is corrupted in transit it won't detect it.

--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

odbi...@spamu.pl

unread,
Nov 21, 2008, 7:09:54 AM11/21/08
to

> That checks at the time it's writing it. It doesn't store the hash in
> the archive, so if the file is corrupted in transit it won't detect it.
>

But I can do:
1. create tar and verify (on the same machine) - for example xyz.tar
2. md5sum xyz.tar
3. transit xyz.tar to other machine and md5sum xyz.tar
4. if sum from 3. and 4. are equal then I have xyz.tar NOT corrupted on other machine

Is it correct?

Stephane Chazelas

unread,
Nov 21, 2008, 7:34:45 AM11/21/08
to
2008-11-21, 13:09(+01), odbi...@spamu.pl:

Yes, you could also do:

tar cf - /some/dir | tee xyz.tar | md5sum

In case xyz.tar would get corrupted on the local filesystem (but
then files in /some/dir might be corrupted as well).

--
Stéphane

0 new messages