| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] | 
10.2.1 Privacy
Standard privacy concerns apply when using tar.  For
example, suppose you are archiving your home directory into a file
‘/archive/myhome.tar’.  Any secret information in your home
directory, such as your SSH secret keys, are copied faithfully into
the archive.  Therefore, if your home directory contains any file that
should not be read by some other user, the archive itself should be
not be readable by that user.  And even if the archive’s data are
inaccessible to untrusted users, its metadata (such as size or
last-modified date) may reveal some information about your home
directory; if the metadata are intended to be private, the archive’s
parent directory should also be inaccessible to untrusted users.
One precaution is to create ‘/archive’ so that it is not accessible to any user, unless that user also has permission to access all the files in your home directory.
Similarly, when extracting from an archive, take care that the permissions of the extracted files are not more generous than what you want. Even if the archive itself is readable only to you, files extracted from it have their own permissions that may differ.
| [ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] | 
