Subject: Re: tar ignores filenames that contain `..'
To: Jason R Thorpe <>
From: Chuck Yerkes <>
List: tech-pkg
Date: 10/24/2002 09:32:37
I might suggest that checking just "../" is short sighted.
Checking for combinations of one or more "../" that
pass $TOP of the tree are the dangers.  Beneath my tar
"tree", I don't and shouldn't care about relative links;
only when it passes the TOP of the tree do I get anxious.

Quoting Jason R Thorpe (
> On Wed, Oct 23, 2002 at 11:10:19PM +0900, Shin'ichiro TAYA wrote:
>  > After switching to pax based tar, tar ignores filenames that contain `..'.
>  > But some distfile for pkgsrc contains symlinks that points to file
>  > contain '..' then failes to extract.
> Actually, I think the new GNU tar does this too.
> -- 
>         -- Jason R. Thorpe <>