More secure archive validity checking, dropping privileges as soon as possible, restricting access to "$" command to SysOp only, an armoring script to setup permissions and ownerships on installed files and directories, and some minor bugfixes unrelated to security.