How to extract symlinked archives on macOS

What is a symbolic link (symlink)?

A symbolic link is a kind of "shortcut" that points to another file or folder. The link itself does not contain the actual data but stores the path information of the original file or folder. This allows users to interact with the link as if it were the original.

Key characteristics

• Role: Connects a given path to another path so that it can be accessed as if it were the original.
• Form: Appears like a regular file, but actually only stores path information.
• Advantage: Allows the same file or folder to be shared from multiple locations.
• Disadvantage: If the original is deleted or moved, the link may become broken.

⚠️ Caution for archives containing symbolic links

When extracting a symlinked archive, if the links point to locations elsewhere on the system (/etc, /var, user home directories, etc.), it may incur security issues. Check the links before and after extraction to prevent such incidents.

Extract archives containing symbolic links by using Bandizip

By default, Bandizip view symbolic links that point to files outside the archive as a security treat and does not create them.

To create external symbolic links, enable the "Allow dangerous symbolic link paths" option in the "Extraction" tab of Bandizip's Preferences.

Information about vulnerabilities caused by symbolic links

For known information about vulnerabilities related to symbolic links, please refer to the links below.

CVE-2025-55188