Subject: Re: tar ignores filenames that contain `..'
To: Thor Lancelot Simon <firstname.lastname@example.org>
From: Todd Vierling <email@example.com>
Date: 10/23/2002 13:37:32
On Wed, 23 Oct 2002, Thor Lancelot Simon wrote:
: > Symbolic links whose *content* contains "../" are not the same thing as file
: > entries in a tar file whose *filename* contains "../".
: > The latter should be unconditionally disallowed by pax, as it's beyond bad
: > form and is already warned about by GNU tar.
: I'm quite strongly opposed to making it extract anything whose _pathname_
: contains .. .
Agreed, although for the flexibility-of-Unix sake, this check should happen
after -s transformations have been applied, so that erroneously created tar
files can be extracted by hand (by replacing the .. components with
I don't know what our pax's behavior currently is offhand.
-- Todd Vierling <firstname.lastname@example.org>