Restricting File Access
-
Hi, I'm currently writing a small server application for data transfer. Two commands are for direct file transfer (relative path, e.g. test/data.dat) and I want to limit the filenames to be in the directory and subdirectories of the server application. Let's say the server lies in c:\server\server.exe, now I want to be able to e.g. put a file into c:\server\new folder\test.dat, but not outside the server directory, e.g. c:\test.dat (e.g. with a ../test.dat or new folder/../../test.dat). Is there a good way to parse bad filenames/path? Greetings
-
It is not clear what you need to do. I don't know what a "bad filenames/path" is. I am not sure if you must recognize incorrect syntax or if you need to allow access to something and not allow access to other things. File access is typically controlled using the built-in features of the NTFS.
-
Per your subject, you need to read up on Access Control List (ACL). There's a whole API for it.
"Approved Workmen Are Not Ashamed" - 2 Timothy 2:15
"Judge not by the eye but by the heart." - Native American Proverb
-
One way, if you've got absolute paths, just compare them as strings/char arrays. You can get absolute paths by using _fullpath() or _wfullpath(). Then you can do the compare, something like this (beware! Old C syntax here):
NOTE! I didn't find the time to set current directory to c:\server before testing the code, so I made a full path name for goodRelPath. Else, I could have used a relative path for goodRelPath.
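#include <windows.h>  // MAX_PATH
#include <stdlib.h>   // _fullpath
#include <string.h>   // strlen, _strnicmp

int main(void)
{
    const char * projectDir = "c:\\server\\";   // the trailing backslash keeps c:\server2 from matching
    const char * goodRelPath = "c:\\server\\new folder\\test.dat";
    const char * badRelPath = "c:\\test.dat";
    char tempFullPath[MAX_PATH];

    // The resolved path must START with projectDir. strstr() returns a pointer
    // into tempFullPath, so comparing its result with projectDir never matches;
    // compare the prefix instead, ignoring case as Windows file names do.

    // Test badRelPath (will fail)
    if(_fullpath(tempFullPath, badRelPath, MAX_PATH) != NULL &&
       _strnicmp(tempFullPath, projectDir, strlen(projectDir)) == 0)
    {
        // OK, GO!
    }
    else
    {
        // Error, no go.
    }

    // Test goodRelPath, (OK)
    if(_fullpath(tempFullPath, goodRelPath, MAX_PATH) != NULL &&
       _strnicmp(tempFullPath, projectDir, strlen(projectDir)) == 0)
    {
        // OK, GO!
    }
    else
    {
        // Error, no go
    }
    return 0;
}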
-- modified at 0:43 Tuesday 12th December, 2006
Better code...
Alcohol. The cause of, and the solution to, all of life's problems - Homer Simpson
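The requirement in the question (accept test/data.dat, reject ../test.dat and new folder/../../test.dat) can also be checked on the relative path itself, before it is joined to the server directory. The following is an added example, not code from any poster in this thread; path_stays_inside is a hypothetical helper, and the sample paths are the ones from the question plus one constructed case.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example (hypothetical helper): returns 1 when `rel` is a relative
   path naming something strictly below the directory it will be joined to,
   0 otherwise. Purely lexical; it never touches the file system. */
int path_stays_inside(const char *rel)
{
    int depth = 0;                      /* levels below the server directory */
    const char *p = rel;

    if (*p == '\0' || *p == '/' || *p == '\\')
        return 0;                       /* empty, rooted (\x) or UNC (\\srv\x) */
    if (strchr(rel, ':') != NULL)
        return 0;                       /* drive (c:x) or NTFS stream (f.dat:s) */

    while (*p != '\0') {
        size_t len = strcspn(p, "/\\"); /* either separator ends a component */

        if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (--depth < 0)
                return 0;               /* climbed above the server directory */
        } else if (len == 1 && p[0] == '.') {
            /* "." stays where it is */
        } else if (len > 0) {
            char last = p[len - 1];
            if (last == '.' || last == ' ')
                return 0;               /* conservative: Win32 may trim these */
            depth++;                    /* ordinary name: one level down */
        }                               /* len == 0: doubled separator */
        p += len;
        if (*p != '\0')
            p++;                        /* step over the separator */
    }
    return depth > 0;                   /* must name something inside */
}

int main(void)
{
    /* Paths from the question, plus one constructed case (a/../b.dat). */
    const char *samples[] = { "test/data.dat", "new folder\\test.dat",
        "../test.dat", "new folder/../../test.dat", "c:\\test.dat",
        "a/../b.dat" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-28s %s\n", samples[i],
               path_stays_inside(samples[i]) ? "OK, GO!" : "Error, no go.");
    return 0;
}
```

A lexical check cannot see junctions or symbolic links that already exist inside the server directory, so it complements resolving the final path and comparing it with the root rather than replacing that step.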
-
I'm glad to be able to help you. I have a faint memory of using this technique in a program system in the past (15 years ago, or even longer). It was in the DOS days, and there was a DOS call to convert a relative path to a canonical path name. Well, the principle worked then, and should do so today. Good luck. Kakan
Alcohol. The cause of, and the solution to, all of life's problems - Homer Simpson