Comment Re:Sanitize crazyness (Score 1) 215
it's not the bash problem
the problem is that getopt gives tar that there is a parameter.... which is in fact a filename hidden somewhere deep in the file list.
tar cf archive.tar file1 file2 -v file3 # is verbose on linux, is NOT verbose on UNIX (complains about inexisting file "-v")
GNU is wrong, GNU broke the inherent security in options parsing by allowing options anywhere. GNU is insecure.