2.8.4 Extracting Archives from Untrusted Sources

Extracting files from archives can overwrite files that already exist. If you receive an archive from an untrusted source, you should make a new directory and extract into that directory, so that you don’t have to worry about the extraction overwriting one of your existing files. For example, if ‘untrusted.tar’ came from somewhere else on the Internet, and you don’t necessarily trust its contents, you can extract it as follows:

$ mkdir newdir
$ cd newdir
$ tar -xvf ../untrusted.tar

It is also a good practice to examine contents of the archive before extracting it, using ‘--list’ (‘-t’) option, possibly combined with ‘--verbose’ (‘-v’).

This document was generated on November 1, 2013 using texi2html 5.0.