On 12/02/2015 01:52 PM, Mark O'Keefe wrote:
Is the mtime versus ctime security concern still relevant for a directory?
Yes, because applications can set directory mtime values to whatever they want, using system calls like utimensat. If an application backdates a directory, tar could incorrectly think its contents unchanged, and could therefore dump files incorrectly. This can matter if tar is being used for incremental backups.
Quite possibly you're right and tar could use yet another option to work around this sort of file system misbehavior. But really, the file system should get fixed, as tar's not the only program that assumes ctime is reliable.
