On 16.07.2018 14:24, Dashamir Hoxha wrote: > I have the same answer that I gave to Philipp. He has not looked close > enough to the code, and has not tried to follow its logic. > For example, error *messages* of `tar` are suppressed, not the errors > themselves. The result of the command is checked afterwards. > Etc. we can discuss them later.
As much as I would have liked to not reply, but alas, another ad hominem. The result of tar is not checked, no. The result of gpg is checked. I think the case I'm worried about is a race on ~/.pw/pw.tgz where between archive_unlock and archive_lock pw.tgz is set - say - 0400 and tar fails to write. That said, because you are so much into proofs: > pkern@vsrv ~/pw/src % ./pw.sh > Passphrase for archive '/home/pkern/.pw/pw.tgz': > Commands: > gen, set, ls, get, show, edit, find, grep, rm, mv, cp, log, help > Type q to quit, p to change the passphrase. > pw> ls > bar > foo > pw> q > pkern@vsrv ~/pw/src % cat tar > #!/bin/sh > exit 1 > pkern@vsrv ~/pw/src % PATH=.:$PATH ./pw.sh > Passphrase for archive '/home/pkern/.pw/pw.tgz': > Commands: > gen, set, ls, get, show, edit, find, grep, rm, mv, cp, log, help > Type q to quit, p to change the passphrase. > pw> ls > pw> gen foo > ./pw.sh: line 145: xclip: command not found > ./pw.sh: line 145: echo: write error: Broken pipe > Error: Could not copy data to the clipboard > gpg: can't open '/home/pkern/.pw/pw.tgz': No such file or directory > gpg: symmetric encryption of '/home/pkern/.pw/pw.tgz' failed: No such file or > directory But as soon as tar writes incomplete output (which it totally can, it's a Tape ARchiver) you have silent corruption. Kind regards Philipp Kern