Quoting $URL: > By default, the Archive::Tar module doesn't allow extracting files > outside the current working directory. However, you can bypass this > secure extraction mode easily by putting a symlink and a regular file > with the same name into the tarball.
*** This bug has been marked as a duplicate of bug 657968 ***