Re: Removing shar(1)

Reply: Renato Botelho : "Re: Removing shar(1)"
In reply to: Kyle Evans : "Removing shar(1)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Cy Schubert <Cy.Schubert_at_cschubert.com>
Date: Wed, 18 Dec 2024 22:13:23 UTC

In message <0d63a94d-2773-4efd-b789-0b753ab38b91@FreeBSD.org>, Kyle Evans 
write
s:
> Hi,
>
> I was reminded the other day that shar(1) exists, though it's use is no 
> longer recommended in ports.  The same functionality can be found in 
> tar(1) instead, so I think we should deorbit /usr/bin/shar and stop 
> promoting it entirely.  sh(1) archives are really problematic from a 
> user standpoint for at least one reason best explained by the manpage:
>
>   It is easy to insert trojan horses into shar files.  It is strongly
>   recommended that all shell archive files be examined before running
>   them through sh(1).  Archives produced using this implementation of
>   shar may be easily examined with the command:
>
>        egrep -av '^[X#]' shar.file
>
> It's hard to advocate for their use in good conscience, much like it's 
> hard to advocate curl|sh pipes.
>
> Review: https://reviews.freebsd.org/D48130

I use it at $JOB, produce a shar file, cut/paste into a terminal.

Should it be removed I'll perform the repo surgery to base a port on it.


-- 
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX:  <cy@FreeBSD.org>   Web:  https://FreeBSD.org
NTP:           <cy@nwtime.org>    Web:  https://nwtime.org

			e^(i*pi)+1=0