On Mon, Dec 12, 2011 at 15:21:11 -0500, Stephen Gallagher <sgallagh at redhat.com> wrote: > > Of course, a whitelist might be a better idea. Maybe we only > allow .tar.gz, .tar.bz2 and .zip to be uploaded this way and make > additional exceptions as they arise. .tgz is another common extension.