A safe subclass of the TarFile class for interacting with tar files. Can be used as a direct drop-in replacement for safe usage of extractall()
Tarsafe is a drop-in replacement for the tarfile module from the standard library to safely handle the vulnerable extractall()
method. Inspired by a 6 year old security bug.
$ pip install tarsafe
from tarsafe import TarSafe
tar = TarSafe.open("example.tar", "r")
tar.extractall()
tar.close()
# OR
with TarSafe.open("example.tar", "r") as tar:
tar.extractall()