On 04/19/2012 08:05 AM, Stefan Tomanek wrote: > + if (ignore_failed_read_option || (errno == ENOENT && > ignore_missing_option))
Why just ENOENT? Can't similar race conditions also generate errno values like ELOOP, EACCESS, ENOTDIR? More generally, why use find + tar? The combination seems inherently unsafe. An attacker with write access to the file system could cause the combination to archive the "wrong" file, for example.
