Overview
Artifact ID: | f17f3f7eee32f17417ae77f508a2759e4ed39be2e811fc5571b7b297304d2f45 |
---|---|
Ticket: | b6496181dc34a4fc4f3f14a5bf8321ff2e9c5f26
Support extracting all types in TAR files |
User & Date: | js on 2021-07-04 16:39:48 |
Changes
- icomment:
Currently, `ofarc` refuses to extract anything that is not a file or a directory. This is currently for security reasons, as otherwise a tar file could create a symlink `x -> /home/js` and then contain a file `x/.profile` to override my `/home/js/.profile` file. Many archivers have this security hole (in fact, I reported this to Apple a few years back, as their tar was vulnerable), so special care has to be taken here to avoid this.
- login: "js"
- milestone changed to: "none"
- mimetype: "text/x-markdown"
- priority changed to: "Medium"
- severity changed to: "Important"
- status changed to: "Open"
- title changed to: "ofarc: Support extracting all types in TAR files"
- type changed to: "Feature_Request"