From owner-freebsd-hackers@FreeBSD.ORG  Tue Oct  7 13:53:55 2014
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 028FA892
 for <hackers@freebsd.org>; Tue,  7 Oct 2014 13:53:55 +0000 (UTC)
Received: from mho-01-ewr.mailhop.org (mho-03-ewr.mailhop.org [204.13.248.66])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id C9E2B266
 for <hackers@freebsd.org>; Tue,  7 Oct 2014 13:53:54 +0000 (UTC)
Received: from [73.34.117.227] (helo=ilsoft.org)
 by mho-01-ewr.mailhop.org with esmtpsa (TLSv1:AES256-SHA:256)
 (Exim 4.72) (envelope-from <ian@FreeBSD.org>)
 id 1XbVD7-0001lY-LK; Tue, 07 Oct 2014 13:53:53 +0000
Received: from [172.22.42.240] (revolution.hippie.lan [172.22.42.240])
 by ilsoft.org (8.14.9/8.14.9) with ESMTP id s97DrpdV030532;
 Tue, 7 Oct 2014 07:53:52 -0600 (MDT) (envelope-from ian@FreeBSD.org)
X-Mail-Handler: Dyn Standard SMTP by Dyn
X-Originating-IP: 73.34.117.227
X-Report-Abuse-To: abuse@dyndns.com (see
 http://www.dyndns.com/services/sendlabs/outbound_abuse.html for abuse
 reporting information)
X-MHO-User: U2FsdGVkX18jQY4dV2DtmUsne74osNaL
X-Authentication-Warning: paranoia.hippie.lan: Host revolution.hippie.lan
 [172.22.42.240] claimed to be [172.22.42.240]
Subject: Re: tar and /
From: Ian Lepore <ian@FreeBSD.org>
To: Daniel Braniss <danny@cs.huji.ac.il>
In-Reply-To: <ED20B859-CDFF-4205-B7A9-A1A86AAAE1D9@cs.huji.ac.il>
References: <ED20B859-CDFF-4205-B7A9-A1A86AAAE1D9@cs.huji.ac.il>
Content-Type: text/plain; charset="windows-1251"
Date: Tue, 07 Oct 2014 07:53:51 -0600
Message-ID: <1412690031.12052.202.camel@revolution.hippie.lan>
Mime-Version: 1.0
X-Mailer: Evolution 2.32.1 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: quoted-printable
X-MIME-Autoconverted: from 8bit to quoted-printable by ilsoft.org id
 s97DrpdV030532
Cc: hackers@freebsd.org
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Oct 2014 13:53:55 -0000

On Tue, 2014-10-07 at 09:44 +0300, Daniel Braniss wrote:
> hi,
> for security reasons tar removes the leading /, which is fine.
> so I can chadir to /var/tmp, and do an extract there. The problem arise=
s when there
> is a file that is linked to /=85
> Is there some way to drop that leading =91/=91 too?
>=20
> cheers,
>=20

No, because the leading slash there is the data within the link file,
not metadata describing the file which tar stores separately and can
easily manipulate.  The moral is to avoid rooted links, even though that
can lead to things nearly as bad, such as links that begin with 8 levels
of ../

-- Ian