From nobody Wed Dec 18 11:04:21 2024 X-Original-To: freebsd-arch@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YCrRM4bQHz5hC56 for ; Wed, 18 Dec 2024 11:04:31 +0000 (UTC) (envelope-from fuz@fuz.su) Received: from fuz.su (fuz.su [IPv6:2001:41d0:8:e508::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "fuz.su", Issuer "fuz.su" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YCrRM21J5z3xPn; Wed, 18 Dec 2024 11:04:31 +0000 (UTC) (envelope-from fuz@fuz.su) Authentication-Results: mx1.freebsd.org; none Received: from fuz.su (localhost [127.0.0.1]) by fuz.su (8.18.1/8.18.1) with ESMTPS id 4BIB4L40069077 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Wed, 18 Dec 2024 12:04:22 +0100 (CET) (envelope-from fuz@fuz.su) Received: (from fuz@localhost) by fuz.su (8.18.1/8.18.1/Submit) id 4BIB4LnW069076; Wed, 18 Dec 2024 12:04:21 +0100 (CET) (envelope-from fuz) Date: Wed, 18 Dec 2024 12:04:21 +0100 From: Robert Clausecker To: Kyle Evans Cc: freebsd-arch@freebsd.org Subject: Re: Removing shar(1) Message-ID: References: <0d63a94d-2773-4efd-b789-0b753ab38b91@FreeBSD.org> List-Id: Discussion related to FreeBSD architecture List-Archive: https://lists.freebsd.org/archives/freebsd-arch List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-arch@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <0d63a94d-2773-4efd-b789-0b753ab38b91@FreeBSD.org> X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:16276, ipnet:2001:41d0::/32, country:FR] X-Rspamd-Queue-Id: 4YCrRM21J5z3xPn X-Spamd-Bar: ---- Hi Kyle, With shar no longer being recommended for the submission of new ports, I see no objection to removing this feature. However, tar(1) should keep the functionality. We should consider replacing shar(1) by an implementation that just calls into tar(1) to do its job. Yours, Robert Clausecker Am Tue, Dec 17, 2024 at 08:27:16PM -0600 schrieb Kyle Evans: > Hi, > > I was reminded the other day that shar(1) exists, though it's use is no > longer recommended in ports. The same functionality can be found in tar(1) > instead, so I think we should deorbit /usr/bin/shar and stop promoting it > entirely. sh(1) archives are really problematic from a user standpoint for > at least one reason best explained by the manpage: > > It is easy to insert trojan horses into shar files. It is strongly > recommended that all shell archive files be examined before running > them through sh(1). Archives produced using this implementation of > shar may be easily examined with the command: > > egrep -av '^[X#]' shar.file > > It's hard to advocate for their use in good conscience, much like it's hard > to advocate curl|sh pipes. > > Review: https://reviews.freebsd.org/D48130 > > Thanks, > > Kyle Evans > -- () ascii ribbon campaign - for an encoding-agnostic world /\ - against html email - against proprietary attachments