Comment 1 for bug 894755

Thierry Carrez (ttx) wrote :

We should definitely protect against directory traversal here... I'm pretty sure you can inject a malicious tarfile in the EC2 image upload process.