Checking for safe paths

[bill]

Is there a module that one can use to portably check for the security
of a path? I know how to, e.g. untaint a Unix pathname, but it
would be nice if there were a module that did this portably. Also,
I imagine that there may be other ways for a pathname to be not
secure other than what can be detected with a general regexp (e.g.
a well-formed path may include a symbolic link inserted there for
nefarious purposes).

TIA for the cluebricks,

bill

 

[bill]

Is there a module that one can use to portably check for the security
of a path? I know how to, e.g. untaint a Unix pathname, but it
would be nice if there were a module that did this portably. Also,
I imagine that there may be other ways for a pathname to be not
secure other than what can be detected with a general regexp (e.g.
a well-formed path may include a symbolic link inserted there for
nefarious purposes).

Almost immediately after sending this in, it occurred to me that
the solution (or at least part of it) would be to translate the
path to a "real path" by first chdir to it and then using getcwd
to determining the real cwd.

bill

 

[Anno Siegel]

Is there a module that one can use to portably check for the security
of a path? I know how to, e.g. untaint a Unix pathname, but it
would be nice if there were a module that did this portably. Also,
I imagine that there may be other ways for a pathname to be not
secure other than what can be detected with a general regexp (e.g.
a well-formed path may include a symbolic link inserted there for
nefarious purposes).

There is no such thing as a secure path independent of circumstances.

Anno