Evil packed bz2 package
in the FLOW3-1.0.3.tar.bz2 file is a bad fileentry for ./ . if you untar this bz2 file as root, you change your directory owner and group for your current directory.
That is very bad...... After i untar it, i can't not login via ssh and public key to my maschine, because openssh can't access my authorized_keys file.
Please fix this issue, it was very time expensive...
Updated by Karsten Dambekalns over 9 years ago
Here's the catch:
tar --transform="s,^./,FLOW3-1.1.0-beta2/," --exclude=".git*" --exclude="Data/*" --exclude="Web/_Resources/*" --exclude="Build/Reports" --exclude="./Cache" --exclude="Configuration/PackageStates.php" -czf ~/FLOW3-1.1.0-beta2.tar.gz --directory ~/Sites/flow3 .
is used to create the archives. But the transform regex works not on
. thus that entry is left alone and ends up in the archive.