Remember, non-canonicalized paths are never to be used for anything on UNIXes.
They cannot be trusted.
Ideally, stop storing stuff in the filesystem and use a proper database. Odds are it'll perform better anyway (on top of the other consistency & reliability benefits).
This is prompted by the news of yet another exploitable path-based vulnerability.
#unix #linux #storage #PathSecurity #databases
LisPi /
npub1yu…xwxfa
2023-07-09 21:35:54
Author Public Key
npub1yu2san6kg486wgqwc99mnwgzma37jf77uue2qda0kyvxn7tlg93sxxwxfaPublished at
2023-07-09 21:35:54Event JSON
{
"id": "1f5c87b55806540eb6cdb38b64f9d21ca1044bcbfdc3c9a77b892e37ceaee01b",
"pubkey": "27150ecf56454fa7200ec14bb9b902df63e927dee732a037afb11869f97f4163",
"created_at": 1688938554,
"kind": 1,
"tags": [
[
"t",
"unix"
],
[
"t",
"linux"
],
[
"t",
"storage"
],
[
"t",
"pathsecurity"
],
[
"t",
"databases"
],
[
"mostr",
"https://mastodon.top/users/lispi314/statuses/110686277080542889"
]
],
"content": "Remember, non-canonicalized paths are never to be used for anything on UNIXes.\n\nThey cannot be trusted.\n\nIdeally, stop storing stuff in the filesystem and use a proper database. Odds are it'll perform better anyway (on top of the other consistency \u0026 reliability benefits).\n\nThis is prompted by the news of yet another exploitable path-based vulnerability.\n\n#unix #linux #storage #PathSecurity #databases",
"sig": "c47505b32585f25ad6366f8b25e82a3fda5fff86f216613563c59f9561b62b8ef7391878a3b1e3d30a4272e1ffc7623b897c919cc2c1b58a2e186154a514bf21"
}