Subject: Re: tar ignores filenames that contain `..'
To: Todd Vierling <email@example.com>
From: David Laight <firstname.lastname@example.org>
Date: 10/31/2002 09:37:25
On Sat, Oct 26, 2002 at 11:17:32AM -0400, Todd Vierling wrote:
> And one more round, after thinking about it last night.
> It occurred to me that, now that the assessment of the issue has changed
> from the content of symlinks to the act of *following* symlinks, that the
> protections mentioned in the proposal could be applied as default behavior,
> and all this can be distilled/simplified further.
Since the actual problem is that following a symlink might take
you outside the current directory hierarchy, why not make pax
chroot to the current directory before reading the archive?
Have I missed something?
David Laight: email@example.com