RE: LUA 4.x - filesystem access limit?

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: RE: LUA 4.x - filesystem access limit?
From: Rob Kendrick <lua-l@...>
Date: Wed, 24 Sep 2003 14:08:02 +0100

On Wed, 2003-09-24 at 14:01, Zdenek Stangl wrote:
> Then I will parse the path and cutoff all preceeding '..\\'

Surely this doesn't protect you from a user asking for
../wibble/../../foo ?

There's no simple way of doing this.  Does Windows have a call to find
the canonical path and leaf name of a path you give it?  If it does,
making use of that and then comparing it to the directory you want to
keep the script contained in may be the easiest way.

Does Windows have symlinks, or similar concepts?  If not, then you're
job's a little easier too :)

-- 
Rob Kendrick, Pepperfish Limited                   http://www.pepperfish.net/
PGP signed or encrypted mail welcome                         Key ID: 3651D17A

Follow-Ups:
- Re: LUA 4.x - filesystem access limit?, Erik Hougaard

References:
- RE: LUA 4.x - filesystem access limit?, Zdenek Stangl

Prev by Date: RE: LUA 4.x - filesystem access limit?
Next by Date: Re: RE: LUA 4.x - filesystem access limit?
Previous by thread: RE: LUA 4.x - filesystem access limit?
Next by thread: Re: LUA 4.x - filesystem access limit?
Index(es):
- Date
- Thread