-
Currently, it is still possible that some files are extracted outside of the destination dir in case of malicious archives. The checks from commit 21dfcdbf can be still bypassed in certain cases. See #108 for more details. After some investigation, I am convinced that it would be best to simply disallow symlinks in parents. For example, `tar` fails to extract such files with the `ENOTDIR` error. Let's do the same here. Fixes: #108
e970f496