Re: request for review: file reading security

Yeah. As written, the user could pass, e.g., ../topsecretpages/index.html and start looking at the topsecretpages directory that exists at the same level as pages. (Of course, the user would have to guess or learn the name of the directory, and it is to be hoped you don't really have top secret pages lying around under your web server's document root without any protection.)

Updated: Like the followups say, the regexp dealt with that. Teach me to answer SoPWs in the middle of the night...

Comment on Re: request for review: file reading security Download Code

Replies are listed 'Best First'.
Re^2: request for review: file reading security by Anonymous Monk on Sep 05, 2004 at 14:33 UTC
that's why there is `$req =~ s/^.*\///;` which should take care of that.	[reply] [d/l]
Re^3: request for review: file reading security by pbeckingham (Parson) on Sep 05, 2004 at 14:58 UTC
~~I believe your code should look for literal periods:~~ ~~`$req =~ s/^\.\.\///;`~~ ~~[download]~~ But that's still poor, because what about: `blah/../../topsecretpages/page.html` [download] or `../../topsecretpages/page.html` [download] Update: Chady is right. I retract. pbeckingham - typist, perishable vertebrate.	[reply] [d/l] [select]
Re^4: request for review: file reading security by Chady (Priest) on Sep 05, 2004 at 15:57 UTC
His regular expression does the job well. It strips everything until the last / `$req = 'blah/../../topsecretpages/page.html'; $req =~ s/^.\///; print $req; __END__ page.html` [download] He who asks will be a fool for five minutes, but he who doesn't ask will remain a fool for life. Chady \| http://chady.net/ Are you a Linux user in Lebanon? join the Lebanese Linux User Group.*	[reply] [d/l]


XP is just a number
	PerlMonks