preventing directory traversal in programs

tristan_vdv · 06-03-2002, 03:02 AM

Hi,
I'm writing a server program for linux where the client gives a username, which is used to construct a path (ie /spool/<user>/), (which is used in functions like fopen,scandir etc)

If there are no restrictions on the user name someone could traverse to different directory , ie /spool/../../etc/

To prevent this happening I have denied the use of a forward slash ('/' -- i think its a forward slash, or is it a bs?--cant remember)

is this all i need to do to make the server secure? or is there some other way of doing a directory traversal without the '/'?

Thanks
Tristan

mace · 06-03-2002, 08:08 AM

interesting question

ive only used the blah.*blah../../../../ trans

acid_kewpie · 06-03-2002, 08:22 AM

can you not just look into chroot? i guess i should now the slightest thing about it but i still dont

tyler_durden · 06-03-2002, 09:42 PM

you should also not run the program suid root, set it up as its own user account, that way it won't have permission to do anything anywere else.

tristan_vdv · 06-04-2002, 04:03 AM

not running as root certainly is the best way to solve the problem. but I want my software to be secure, so i thought i had better run this by you guys to make sure there was no other trick to do directory traversal