Filesystem Security

Example 5-1.

Since the username is posted from a user form, anyone can submit a username and file name belonging to someone else and delete that user's files. In this case, you'd want to use some other form of authentication. Consider what could happen if the variables submitted were "../etc/" and "passwd". The code would then effectively read:

Example 5-2.

There are two important measures you should take to prevent these issues. Here is an improved script:

Example 5-3.

However, even this is not without its flaws. If your authentication system allows users to create their own logins, and a user chooses the login "../etc/", the system is once again exposed. For this reason, you may prefer to write a more customized check:

Example 5-4.
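
One way to write such a customized check, as an added example that is not the manual's own code: it allowlists both values and then confirms that the canonical path still sits inside the user's directory before deleting anything. The function name `resolve_user_file`, the directory layout and the demo data are assumptions, and the username is assumed to come from the authenticated session rather than the form.

```php
<?php
// Added example. Assumption: $username comes from the authenticated
// session, never from the form; the name checks are a second line of defence.
function resolve_user_file(string $homeRoot, string $username, string $filename): ?string
{
    // Allowlist the login: dots and slashes can never get through.
    if (preg_match('/\A[a-z0-9_-]{1,32}\z/', $username) !== 1) {
        return null;
    }
    // One path component only, and it may not start with a dot.
    if (preg_match('/\A[A-Za-z0-9_][A-Za-z0-9._-]{0,254}\z/', $filename) !== 1) {
        return null;
    }
    $base = realpath($homeRoot . '/' . $username);
    $path = realpath($homeRoot . '/' . $username . '/' . $filename);
    if ($base === false || $path === false || !is_file($path)) {
        return null; // no such home directory or file
    }
    // After symlinks are resolved the file must still sit directly in the
    // user's directory; the name checks alone cannot see symlinks.
    return dirname($path) === $base ? $path : null;
}

// Constructed demo data in a throwaway temporary directory.
$root = sys_get_temp_dir() . '/fsdemo_' . bin2hex(random_bytes(4));
mkdir($root . '/alice', 0700, true);
file_put_contents($root . '/alice/notes.txt', 'demo');

$cases = [
    ['alice', 'notes.txt'],          // ordinary request
    ['../etc/', 'passwd'],           // the values discussed in the text
    ['alice', '../../etc/passwd'],   // traversal in the file name
    ['alice', '.htaccess'],          // hidden file
];
foreach ($cases as [$user, $file]) {
    $path = resolve_user_file($root, $user, $file);
    if ($path !== null) {
        unlink($path); // only ever reached with a vetted, canonical path
    }
    printf("%-9s %-18s %s\n", $user, $file, $path === null ? 'rejected' : 'deleted');
}
rmdir($root . '/alice');
rmdir($root);
```

The check and the `unlink()` call are separate steps, so the filesystem permissions of the web server user still need to be limited.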