bug#47058: 28.0.50; Dired Z: insert-directory: Reading directory: No such file or directory, CrossLine_linux_x86

[Gregory Heytings]

> > That's a separate issue.  And I don't see how is it a security issue 
> > for Emacs, when unpacking an archive manually with 'tar' etc. would 
> > produce the same results.  If the user wants to overwrite his/her 
> > sensitive files, we should let them do it, in the same way as other 
> > utilities do.  But that's MO, and it is a separate concern anyway.
>
> It's an Emacs security issue because we make it so easy to unpack these 
> tar files.  We should ideally inspect the file first and see whether 
> it's an adversarial tar file first, and then prompt the user for what to 
> do.

Would it not be easier to unconditionally untar the contents in a 
temporary directory, and to either move its contents to the current 
directory if it contains only one entry, or to rename it to a directory 
based on the tar file name when it contains more than one entry? 
Something like:

TMP=$(mktemp -d ./XXXXXXXX)
tar -C $TMP -x -z -f $FILE
if (($(ls $TMP | wc -l) == 1))
then
  mv $TMP/* .
  rmdir $TMP
else
  mv $TMP $(basename $FILE .tar.gz)
fi