Subject: Re: tar ignores filenames that contain `..'
To: NetBSD Packages Technical Discussion List <>
From: Allen Briggs <>
List: tech-security
Date: 10/23/2002 12:59:43
On Wed, Oct 23, 2002 at 12:52:24PM -0400, Greg A. Woods wrote:
> > And I will jump in and say that it is really pax's problem.  This is
> > because (a) a lot of the distfiles that we use in pkgsrc come with
> > symbolic links with ".." in them, so that we can't even extract the
> > contents properly now
> [...]
> scientific survey?  I'd be surprised and dismayed if more than 1% of
> distfiles contained relative pathnames using "..", and I'd be even more
> surprised if the maintainers/authors of the packages involved didn't
> agree to eliminate such things ASAP.

The maintainer/author of a package can't tell where I'm extracting a
tarball of source...  If we're looking at some hypothetical package,
we might have, say:


How can the maintainer change that without copying the file?


 Allen Briggs               Quality NetBSD CDs, Sales, Support, Service
NetBSD development for Alpha, ARM, M68K, MIPS, PowerPC, SuperH, XScale, etc...