Subject: Re: tar ignores filenames that contain `..'
To: Thor Lancelot Simon <tls@rek.tjls.com>
From: Todd Vierling <tv@pobox.com>
List: tech-pkg
Date: 10/23/2002 13:37:32

On Wed, 23 Oct 2002, Thor Lancelot Simon wrote:

: > Symbolic links whose *content* contains "../" are not the same thing as file
: > entries in a tar file whose *filename* contains "../".

: > The latter should be unconditionally disallowed by pax, as it's beyond bad
: > form and is already warned about by GNU tar.

: I'm quite strongly opposed to making it extract anything whose _pathname_
: contains .. .

Agreed, although for the flexibility-of-Unix sake, this check should happen
after -s transformations have been applied, so that erroneously created tar
files can be extracted by hand (by replacing the .. components with
something sane).

I don't know what our pax's behavior currently is offhand.

-- 
-- Todd Vierling <tv@pobox.com>
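
Added example (not part of the original message, and not pax's own code): a C sketch of the ordering suggested above, where the ".." check runs on the name produced by a -s style rewrite rather than on the name stored in the archive. The function names, the constructed member names, and the simplified rewrite (first match of a basic regular expression replaced with literal text) are assumptions for illustration.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>
/* 1 if any '/'-separated component of path is exactly "..", else 0. */
static int has_dotdot(const char *path)
{
    for (const char *p = path;;) {
        size_t len = strcspn(p, "/");
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 1;
        if (p[len] == '\0')
            return 0;
        p += len + 1;
    }
}
/* Simplified stand-in for one -s rule: replace the first match of a basic
 * regular expression with literal text. Returns 0 on success, -1 on error. */
static int rewrite(const char *bre, const char *repl,
                   const char *in, char *out, size_t outsz)
{
    regex_t re;
    regmatch_t m;
    int n;
    if (regcomp(&re, bre, 0) != 0)
        return -1;
    if (regexec(&re, in, 1, &m, 0) == 0)
        n = snprintf(out, outsz, "%.*s%s%s", (int)m.rm_so, in, repl, in + m.rm_eo);
    else
        n = snprintf(out, outsz, "%s", in);
    regfree(&re);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}
/* Rewrite first, check second, so the decision is made on the name that would
 * actually be written. bre == NULL: no -s given. 1 = extract, 0 = refuse. */
int may_extract(const char *member, const char *bre, const char *repl)
{
    char final[1024];
    if (bre == NULL)
        return !has_dotdot(member);
    if (rewrite(bre, repl, member, final, sizeof final) != 0)
        return 0; /* bad pattern or overlong name: refuse */
    return !has_dotdot(final);
}
int main(void)
{
    /* Constructed member name, not taken from any real archive. */
    printf("%d\n", may_extract("../etc/motd", NULL, NULL));             /* 0 */
    printf("%d\n", may_extract("../etc/motd", "^\\.\\./", "rescued/")); /* 1 */
    return 0;
}
```

Checking after the rewrite also refuses a rule that itself introduces a ".." component, and a name that still contains ".." after a partial rewrite.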