I believe that, at this point, we should probably apply the maxim that
a system is only as secure as its administrator and leave it at that.  If
we try to be too clever we run the risk of severely degrading performance
in the name of security, which I as an administrator find totally
unacceptable.  If there are problems with untarring something which
creates a security problem in the resulting filesystem graph, you have
far larger problems to worry about than merely the fact that 'tar
isn't catching everything.'


				--*greywolf;
--
NetBSD: The devil's advocate.