Questions about this topic? Sign up to ask in the talk tab.

Unsafe file IO

From NetSec
Jump to: navigation, search

Accepting path names as input over the network should be avoided if at all possible, and instead should use a whitelist containing possible file-names. Accepting file names as input will cause file disclosure, source disclosure, and file inclusion vulnerabilities. This can apply to more than file inclusion. Some languages even output entire directory listings when "." is read as a file. Filenames provided by user input simply should not be used. An SQL database (for constantly changing filenames and updated listings) or other similar indexing method (static array whitelisting) can provide a safe way (like an ID) for file access without allowing the user to directly specify the path to the file on the server.