safe-extract is a Python script that unpacks file packages (tarballs, zip files, 7z files, rar files), and does so in a safe way, avoiding the hassle of looking out for tarbombs. It checks if the package would create many files/directories when unpacked into the working directory, or if extracting it would overwrite any existing file/directory, and if so, it creates a new directory and extracts the package there.

Installation

Download the package available here, and unpack it. It contains two files:

  • sex.py
  • sex.bashrc

Copy sex.py to some place in your path. That's it.

The sex.bashrc file contains some helpers for using safe-extract with Bash. See the bash helpers section below.

Usage

sex.py <package file>

After extracting the package, it will print the directory where it was extracted to stdout.

Bash helpers

It is possible to automate a little bit more the process of extracting a package file and checking it; the following Bash function (included in the sex.bashrc file in the installation package) lets you 1) extract the package 2) cd into it, and 3) list its contents

function sex {
    s=$(sex.py $*)
    test -n "$s" && cd $s && ls
}

You can "install" this by adding the code snippet above to your .bashrc file, or by sourcing the provided sex.bashrc there. Once this function is in place, you can use safe-extract this way:

sex <package file>

Development

The code is available at http://git.devnull.li/safe-extract.git/