Hello, I need to write a small file-serving component for a web server. There are lots of issues with serving files, because serving them "as-is" is a big security hole, like this:
www.somesite.com/../../../../etc/passwd
There are many issues, including ".." resolution and many others; for example, under Windows there are many "unusual ways to refer to some path". There are also some issues with symbolic links... They may lead us out of the document root.
Is there any good article or material about serving files and performing security checks on them?
Thanks.
P.S.: I need solution mostly for POSIX systems but I need a solution for Win32 as well.
P.P.S:
- Is checking for ".." and symbolic links sufficient for POSIX systems? (As far as I know, it is not for Windows.)
- As far as I remember, Windows provides some kind of API for these purposes; can somebody point me to it?
Why do I need this:
CppCMS has a simple internal web server for debugging purposes (I wrote it myself), and I am trying to figure out how hard it would be to make this server fully usable in the real world (i.e. listen on port 80 directly rather than run behind a web server and a FastCGI or SCGI connector).
This is a file-serving application that I use at this point. It does very primitive checks. I mostly want to make it safe.
My Answer:
There is an answer https://www.securecoding.cert.org/confluence/display/seccode/FIO02-C.+Canonicalize+path+names+originating+from+untrusted+sources
Seems to be good enough...
In short: use realpath under UNIX and GetFullPathName under Windows.
Final note: if someone suggests more detailed functionality, I would accept it (especially for Win32, where path tests are a pain-in-...)
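
A POSIX-only sketch of the realpath approach from the answer above, added here as an example and not taken from the original post or from CppCMS: canonicalize the joined path, then require the result to sit under the canonical document root. The names resolve_under_root, touch and run_demo and the www / www-old directories are made up for the illustration; the directory tree is a constructed fixture.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Canonicalize docroot/request with realpath(3) and accept it only if the
 * result is the canonical docroot or lies below it. out must hold PATH_MAX
 * bytes. Returns 0 if the path may be served, -1 otherwise (also "not found"). */
int resolve_under_root(const char *docroot, const char *request, char *out)
{
    char root[PATH_MAX], joined[PATH_MAX];
    if (!realpath(docroot, root)) return -1;
    int n = snprintf(joined, sizeof joined, "%s/%s", root, request);
    if (n < 0 || (size_t)n >= sizeof joined) return -1;
    if (!realpath(joined, out)) return -1;   /* resolves "..", "." and symlinks */
    size_t len = strlen(root);
    if (len == 1) return 0;                  /* docroot is "/" */
    if (strncmp(out, root, len) != 0) return -1;
    /* Boundary check: ".../www-old" must not pass as being under ".../www". */
    return (out[len] == '/' || out[len] == '\0') ? 0 : -1;
}

static int touch(const char *p) { FILE *f = fopen(p, "w"); return f ? fclose(f) : -1; }

/* Constructed fixture: www/ plus a sibling www-old/ in a temp directory (this
 * changes the working directory). Bit i of the result is set if req[i] passed. */
int run_demo(void)
{
    char tmp[] = "/tmp/docrootXXXXXX", out[PATH_MAX];
    const char *req[] = { "index.html", "sub/../index.html", "../www-old/secret",
                          "link", "../../../../etc/passwd" };
    if (!mkdtemp(tmp) || chdir(tmp) != 0) return -1;
    mkdir("www", 0700); mkdir("www/sub", 0700); mkdir("www-old", 0700);
    if (touch("www/index.html") || touch("www-old/secret") ||
        symlink("../www-old/secret", "www/link") != 0) return -1;
    int mask = 0;
    for (int i = 0; i < 5; i++)
        if (resolve_under_root("www", req[i], out) == 0) mask |= 1 << i;
    unlink("www/link"); unlink("www/index.html"); unlink("www-old/secret");
    rmdir("www/sub"); rmdir("www"); rmdir("www-old");
    if (chdir("/") == 0) rmdir(tmp);
    return mask;
}

int main(void) { printf("accepted mask: %d\n", run_demo()); return 0; }
```

Only the first two requests are accepted; the sibling directory, the symlink leaving the root and the ".." chain are all rejected. The check and the later open() are separate steps, so if untrusted users can create symlinks inside the document root, the file should be opened and re-verified rather than trusted by name alone.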