Hello, On Sat, 05 Jul 2008, Masatran, R. Deepak wrote: > It is the responsibility of the archive creator to follow the convention. > What if the archive was created from within the directory, ie, what if: > > cd foo && tar -cf ../foo.tar *
> Malicious tricks are also possible: For example, if I am extracting > something in my home directory, what if the archive overwrote .bash_profile > or .bashrc ? Why not experiment and find out?! On Fri, 04 Jul 2008, Kapil Hari Paranjape wrote: > (Don't believe me! Just test it out!) Hint: You need to _force_ GNU tar to create an archive with funny paths by using the " -P " option. Do not use this option while extracting the archive and see what happens. Regards, Kapil. -- _______________________________________________ To unsubscribe, email [EMAIL PROTECTED] with "unsubscribe <password> <address>" in the subject or body of the message. http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
