Create new configure option for archival/libarchive based extractions to
disallow path traversals.
As this is a paranoid option and might introduce backward
incompatibility, default it to no.

Fixes: CVE-2023-39810

Based on the patch by Peter Kaestle <peter.kaestle@nokia.com>

function                                             old     new   delta
data_extract_all                                     921     945     +24
strip_unsafe_prefix                                  101     102      +1
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 25/0)               Total: 25 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Add ownership (-R) test cases.

Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Signed-off-by: Pascal Bellard <pascal.bellard@ads-lu.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

This change retains "or later" state! No licensing _changes_ here,
only form is adjusted (article, space between "GPL" and "v2" and so on).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Removed assumptions about umask and locale. Fixed hostname
tests to work even when the host has no DNS domain set.

Signed-off-by: Dan Fandrich <dan@coneharvesters.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>