On Tue, 2022-01-04 at 19:26 +0100, Piotr Karbowski wrote: > > And none of which happens unless you intentionally trigger it. > > ... > > Sure, acl and how chmod manipulate mask on ACL-enabled entities is not > very simple, but nothing will break by itself just because you have acl > support enabled, you would need to try very hard to run into problems. > >
Even if you're right, and if no other tools invoke tar, and the user is smart enough not to copy/paste commands from the web, and if no other archivers can extract ACLs when invoked directly or indirectly... you're still burdening the user to either have faith that this is all true, or to verify it himself. Repeat the argument for other flags like ipv6, and you wind up requiring either a lot of faith, or a lot of diligence, both of which are antithetical to basic principles of security. You may not buy the argument, but it's why people disable this stuff, and the ability to disable it is why a lot of our users user Gentoo to begin with.
