[ale] OT - looking for some guidance with a perl script
F. Grant Robertson
f.g.robertson at alexiongroup.com
Mon Apr 21 08:27:00 EDT 2003
Jim,
A regexp would probably be good enough..
$path =~ s/..\///sg;
something like that, you could refine it for your particular level of paranoia..
Someone will probably have a better answer but, that's how I'd handle it
-G
"No, I don't think your paranoid, just the opposite. I think you have these insane delusions that everyone really likes you." - Woody Allen
-----Original Message-----
From: ale-admin at ale.org [mailto:ale-admin at ale.org]On Behalf Of Jim Lynch
To: ale at ale.org
Sent: Monday, April 21, 2003 8:02 AM
To: Ale
Subject: [ale] OT - looking for some guidance with a perl script
What I'm trying to figure out is how to prevent someone from getting to
all the files on the system by adding /.. to the path or something else
more devious. Now I could crack the path and look for a .. element or I
could store all the possible paths in a database an use a key to access
them. I'm not sure there might not still be a security problem with the
first option and the second option seems to be overkill, besides,
displaying the path will be beneficial to the user.
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.474 / Virus Database: 272 - Release Date: 4/18/2003
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list