Show HN: Code in Response to “The Trouble with Symlinks.”

See: https://ift.tt/VPCpD6K

This was written in about the past hour or so; it has no documentation or test cases yet. Think twice before relying on it in production.

The idea is that we can perform a detailed validation of the trustworthiness of an absolute or relative path, as a simple function that can be reused anywhere: I call this function safepath_check.

A trustworthy path is one whose meaning cannot be changed by a third party: another user who isn't root. The path is therefore immune, for instance, to TOCtoTOU security problems, like the insertion of a symbolic link or other tampering.

A trustworthy path is allowed to contain symbolic links. Symbolic links can be validated to be safe. To that end, safepath_check performs its own symlink resolution, to ensure that every link resolution step substitutes path material that is trustworthy.

https://ift.tt/osRUpcK

July 23, 2022 at 12:16AM
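
An added illustration of the idea described in the post, not the safepath_check code itself: it walks a path over a constructed in-memory filesystem, resolves symlinks itself, and checks every directory the walk passes through, including those reached via link targets. The trust rule (directory owned by root or the caller, not group- or other-writable) and the names `check_path`, `SAMPLE_FS` and `MAX_LINKS` are assumptions of this example.

```python
import stat
D, L, F = stat.S_IFDIR, stat.S_IFLNK, stat.S_IFREG
# Constructed sample filesystem: path -> (owner uid, mode, symlink target)
SAMPLE_FS = {
    "/": (0, D | 0o755, None),
    "/etc": (0, D | 0o755, None),
    "/etc/app.conf": (0, F | 0o644, None),
    "/tmp": (0, D | 0o1777, None),
    "/home": (0, D | 0o755, None),
    "/home/alice": (1000, D | 0o750, None),
    "/home/alice/conf": (1000, L | 0o777, "/etc/app.conf"),
    "/home/alice/cache": (1000, L | 0o777, "/tmp/cache"),
    "/home/alice/up": (1000, L | 0o777, "../alice/conf"),
}
MAX_LINKS = 8  # assumed limit so link loops terminate

def check_path(path, fs, me, cwd="/"):
    """Return (True, resolved_path) or (False, reason) for caller uid `me`."""
    def dir_trusted(p):
        uid, mode, _ = fs[p]
        # Assumed rule: only root or the caller can change the directory's entries.
        return uid in (0, me) and not mode & (stat.S_IWGRP | stat.S_IWOTH)
    # A relative path is only as trustworthy as the directories above it.
    full = path if path.startswith("/") else cwd + "/" + path
    todo = [c for c in full.split("/") if c and c != "."]
    cur, links = "/", 0
    while todo:
        if not dir_trusted(cur):
            return False, "untrusted directory " + cur
        name = todo.pop(0)
        if name == "..":
            cur = cur.rsplit("/", 1)[0] or "/"
            continue
        nxt = cur.rstrip("/") + "/" + name
        if nxt not in fs:
            return False, "missing " + nxt
        _, mode, target = fs[nxt]
        if stat.S_ISLNK(mode):
            links += 1
            if links > MAX_LINKS:
                return False, "too many links"
            if target.startswith("/"):
                cur = "/"  # absolute target: re-validate from the root
            # Splice the link's components in so each one is checked in turn.
            todo = [c for c in target.split("/") if c and c != "."] + todo
        elif stat.S_ISDIR(mode) or not todo:
            cur = nxt
        else:
            return False, "not a directory: " + nxt
    return True, cur
```

In the sample data, the link into `/etc` passes for uid 1000, while the link whose target runs through world-writable `/tmp` is rejected even though the link itself sits in a directory only its owner can modify.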