From owner-freebsd-security Tue Oct 1 15: 1:12 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3CFF137B401 for ; Tue, 1 Oct 2002 15:01:10 -0700 (PDT) Received: from pogo.caustic.org (caustic.org [64.163.147.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id EA3CE43E42 for ; Tue, 1 Oct 2002 15:01:09 -0700 (PDT) (envelope-from jan@caustic.org) Received: from localhost (jan@localhost) by pogo.caustic.org (8.11.6/8.11.6) with ESMTP id g91M0Qo91607; Tue, 1 Oct 2002 15:00:26 -0700 (PDT) (envelope-from jan@caustic.org) Date: Tue, 1 Oct 2002 15:00:25 -0700 (PDT) From: "f.johan.beisser" To: Brett Glass Cc: Matthew Dillon , Matt Piechota , Aaron Namba , Subject: Re: RE: Is FreeBSD's tar susceptible to this? In-Reply-To: <4.3.2.7.2.20021001150751.00d134d0@localhost> Message-ID: <20021001142208.S67581-100000@pogo.caustic.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 1 Oct 2002, Brett Glass wrote: > It shouldn't be hard to do. Will anyone volunteer to be the other half > of the clean room reverse engineering team so that we can avoid copyright > problems and whip this out as soon as possible? if the code is fresh, and written from scratch, there will be no copyright problems. it just has to be able to decypher the tarball, after all. since tar's command line structure and switches predate GNU-tar, i don't think that will be an issue. i don't know many people who use the GNU style long switch convention when doing a fast tar script. in looking at /usr/src/bin/pax/tar.[c,h], i don't see any evidence of the GPL in there. as far as i know, you have to choose to install GNU-tar, as a separate program; something which i do, to ensure compatability accross all my machines and platforms. if i'm wrong in this understanding, please correct me, and point me to the evidence that says otherwise. > >should i expect this before or after the BSD licensed > >C compiler? > > Actually, there already ARE BSD-licensed C compilers, including TenDRA. > The BSDs should use one of them. yes, but can any of those compile the OS as it's already written? i wouldn't want to be the poor victim assigned to rewrite all the lines of code. counting comments, and i assume, whitespace (meaning it's not 100% accurate): [jan@hi src] {73}$ find /usr/src -name "*.[h,c]" -print | xargs wc -l \ | grep -v total | awk ' { s = s + $1 } { print s } ' | tail -1 6217166 that's at least 5 million lines of code. as several have said before me: if it's not broken, don't fix it. -------/ f. johan beisser /--------------------------------------+ http://caustic.org/~jan jan@caustic.org "John Ashcroft is really just the reanimated corpse of J. Edgar Hoover." -- Tim Triche To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message