Whenever you unpack a tarball/zipfile/rarfile, you also risk overwriting any file in the current working directory, or at least creating a fuckton of files and directories there (what is known as a tarbomb). The approaches I've used to avoid getting bombed are:

  1. Check a listing of the files in the package to make sure it won't crap out in my $PWD. But I never really learned how to do that with unzip or unrar.
  2. Preventively create a directory, cd there, and extract the package.

I grew bored of doing 2. manually, and of moving the only directory created there to $PWD when the package wasn't a tarbomb, so I wrote a script to automate that. As easy as it sounds, there are lots of corner cases (FS permissions, corrupted packages, etc., etc.), so I finally gave up on Bash and wrote it as a Python script. You can get it, see how to use it, etc., here
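The listing check from approach 1, sketched for tar and zip archives as an added example (this is not the author's script). The function names and the constructed in-memory sample archive are assumptions, and the check for entries that would land outside the destination goes one step beyond what the post describes.

```python
import io
import os
import tarfile
import zipfile
from pathlib import PurePosixPath


def member_names(fileobj):
    """Return member paths of a tar or zip archive without extracting it."""
    if zipfile.is_zipfile(fileobj):
        fileobj.seek(0)
        with zipfile.ZipFile(fileobj) as zf:
            return zf.namelist()
    fileobj.seek(0)
    with tarfile.open(fileobj=fileobj, mode="r:*") as tf:
        return tf.getnames()


def inspect_listing(names, dest="."):
    """Classify a listing: escaping paths, top-level entries, overwrites."""
    escapes, tops, clobbers = [], set(), []
    for name in names:
        path = PurePosixPath(name)
        if path.is_absolute() or ".." in path.parts:
            escapes.append(name)   # would be written outside dest
            continue
        if not path.parts:         # "." or empty entry
            continue
        tops.add(path.parts[0])
        if os.path.isfile(os.path.join(dest, *path.parts)):
            clobbers.append(name)  # would overwrite an existing file
    return {"escapes": escapes, "top_level": sorted(tops),
            "overwrites": clobbers, "tarbomb": len(tops) > 1}


def sample_tar(names):
    """Build a constructed in-memory tarball of empty files (sample input)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in names:
            tf.addfile(tarfile.TarInfo(name), io.BytesIO(b""))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    bomb = sample_tar(["README", "Makefile", "src/main.c"])
    print(inspect_listing(member_names(bomb)))
```

An archive with a single top-level directory and no escapes or overwrites can be extracted straight into $PWD; anything else is a candidate for approach 2.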