Add basic sanitization to tar archive unpacking. We are unpacking archives that, presumably, the user created themselves, and potentially even signed & encrypted. However, no reason to allow a malicious archive to overwrite outside the ~/.macpine directory if it can be stopped with a quick check.
Add basic sanitization to
tar
archive unpacking. We are unpacking archives that, presumably, the user created themselves, and potentially even signed & encrypted. However, no reason to allow a malicious archive to overwrite outside the~/.macpine
directory if it can be stopped with a quick check.Tracking issue for: