On 16.07.2018 14:24, Dashamir Hoxha wrote:
> I have the same answer that I gave to Philipp. He has not looked close
> enough to the code, and has not tried to follow its logic.
> For example, error *messages* of `tar` are suppressed, not the errors
> themselves. The result of the command is checked afterwards.
> Etc. we can discuss them later.
As much as I would have liked to not reply, but alas, another ad hominem.
The result of tar is not checked, no. The result of gpg is checked. I
Yes, but this is because `gpg` will fail if `tar` fails.
think the case I'm worried about is a race on ~/.pw/pw.tgz where between
archive_unlock and archive_lock pw.tgz is set - say - 0400 and tar fails
to write.
That said, because you are so much into proofs:
> pkern@vsrv ~/pw/src % ./pw.sh
> Passphrase for archive '/home/pkern/.pw/pw.tgz':
> Commands:
> gen, set, ls, get, show, edit, find, grep, rm, mv, cp, log, help
> Type q to quit, p to change the passphrase.
> pw> ls
> bar
> foo
> pw> q
> pkern@vsrv ~/pw/src % cat tar
> #!/bin/sh
> exit 1
> pkern@vsrv ~/pw/src % PATH=.:$PATH ./pw.sh
> Passphrase for archive '/home/pkern/.pw/pw.tgz':
> Commands:
> gen, set, ls, get, show, edit, find, grep, rm, mv, cp, log, help
> Type q to quit, p to change the passphrase.
> pw> ls
> pw> gen foo
> ./pw.sh: line 145: xclip: command not found
> ./pw.sh: line 145: echo: write error: Broken pipe
> Error: Could not copy data to the clipboard
> gpg: can't open '/home/pkern/.pw/pw.tgz': No such file or directory
> gpg: symmetric encryption of '/home/pkern/.pw/pw.tgz' failed: No such file or directory
This is not a realistic example. You corrupt the `tar` command and then expect
the program to work well. You might as well delete manually the archive file and
then expect the program to work well.
But as soon as tar writes incomplete output (which it totally can, it's
a Tape ARchiver) you have silent corruption.
It may happen, but the chances are so small.
I have never heard of `tar` command (or any command) failing randomly
on their own, without any reason.
Anyway, it doesn't hurt to try and make the operations more transactional.
Regards,
Dashamir