From owner-freebsd-security  Tue Oct  1 16:30:31 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 51EDF37B401
	for <security@FreeBSD.ORG>; Tue,  1 Oct 2002 16:30:29 -0700 (PDT)
Received: from kobold.compt.com (TBextgw.compt.com [209.115.146.18])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8945E43E75
	for <security@FreeBSD.ORG>; Tue,  1 Oct 2002 16:30:28 -0700 (PDT)
	(envelope-from klaus@kobold.compt.com)
Date: Tue, 1 Oct 2002 19:30:24 -0400
From: Klaus Steden <klaus@compt.com>
To: "f.johan.beisser" <jan@caustic.org>
Cc: Brett Glass <brett@lariat.org>, security@FreeBSD.ORG
Subject: Re: tar/security best practice (was Re: RE: Is FreeBSD's tar susceptible to this?)
Message-ID: <20021001193024.A24818@cthulu.compt.com>
References: <4.3.2.7.2.20021001160301.034597f0@localhost> <20021001151050.F67581-100000@pogo.caustic.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20021001151050.F67581-100000@pogo.caustic.org>; from jan@caustic.org on Tue, Oct 01, 2002 at 03:21:58PM -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

With all due respect, running 'tar tf' before extracting a tarball as root is
a good idea, and a good habit to get into.

Klaus

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message