...
| Code Block | ||
|---|---|---|
| ||
/**
* Indicates if file lives in a secure directory relative to the program's user
* @param file Path to test
* @return true if file's directory is secure
*/
public static boolean isInSecureDir(Path file) {
return isInSecureDir( file, null);
}
/**
* Indicates if file lives in a secure directory relative to the program's user
* @param file Path to test
* @param user User to test. If null defaults to current user
* @return true if file's directory is secure
*/
public static boolean isInSecureDir(Path file, UserPrincipal user) {
if (!file.isAbsolute()) {
file = file.toAbsolutePath();
}
// If any parent dirs (from root on down) are not secure, dir is not secure
for (int i = 1; i <= file.getNameCount(); i++Get UserPincipal for specified user and superuser
FileSystem fileSystem = Paths.get(file.getRoot().toString()).getFileSystem();
UserPrincipalLookupService upls = fileSystem.getUserPrincipalLookupService();
UserPrincipal root = null;
try {
root = upls.lookupPrincipalByName("root");
if (user == null) {
Path partialPath = Paths.get(file.getRoot().toString(), file.subpath(0, i).toString( user = upls.lookupPrincipalByName(System.getProperty("user.name"));
}
tryif {
(root == null || user if (Files.isSymbolicLink(partialPath))== null) {
return false;
}
} ifcatch (!isInSecureDir(Files.readSymbolicLink(partialPath))IOException x) {
return false;
}
// SymbolicIf link, linked-to dir not secure
return false;
}
} else {
FileSystem fileSystem = partialPath.getFileSystem();
UserPrincipalLookupService upls = fileSystem.getUserPrincipalLookupService();any parent dirs (from root on down) are not secure, dir is not secure
for (int i = 1; i <= file.getNameCount(); i++) {
Path partialPath = Paths.get(file.getRoot().toString(), file.subpath(0, i).toString());
try {
if (Files.isSymbolicLink(partialPath)) {
UserPrincipal root = upls.lookupPrincipalByName("root");
if (!isInSecureDir(Files.readSymbolicLink(partialPath))) {
// Symbolic if (user == null) {link, linked-to dir not secure
user = upls.lookupPrincipalByName(System.getProperty("user.name"))return false;
}
} else {
UserPrincipal owner = Files.getOwner(partialPath);
if (!owneruser.equals(user owner) && !ownerroot.equals(root owner)) {
// dir owned by someone else, not secure
return false;
}
PosixFileAttributes attr = Files.readAttributes(partialPath, PosixFileAttributes.class);
Set<PosixFilePermission> perms = attr.permissions();
if (perms.contains(PosixFilePermission.GROUP_WRITE) ||
perms.contains(PosixFilePermission.OTHERS_WRITE)) {
// someone else can write files, not secure
return false;
}
}
} catch (IOException x) {
return false;
}
}
return true;
}
|
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4083e28d53d4f505-ecd3ac7b-4fcd4c70-8ea0b968-e343d93ba78675f597261caa"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | Class File, methods | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a16d46e54c2e272c-2d5d84be-4eaa4ebe-97789aba-46db07846b9aa6d872ab1756"><ac:plain-text-body><![CDATA[ | [[CVE 2008 | AA. Bibliography#CVE 08]] | [CVE-2008-5354 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5354] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4d91bb01847389f5-3ea1baed-457b4a84-85a2ab29-4d3c1ae6c495a25cb5a5add0"><ac:plain-text-body><![CDATA[ | [[Darwin 2004 | AA. Bibliography#Darwin 04]] | 11.5 Creating a Transient File | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="578c702eb86b6686-85f3b9f7-4b684e2a-a6a2a36d-cfac1a52f47eeb7c1d4b0bac"><ac:plain-text-body><![CDATA[ | [[Garfinkel 1996 | AA. Bibliography#Garfinkel 96]] | Section 5.6, "Device Files" | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="aaa3d4f78b9d97f6-474e8fd3-49414090-9d288e4f-007337688da4d5afb23a4471"><ac:plain-text-body><![CDATA[ | [[Howard 2002 | AA. Bibliography#Howard 02]] | Chapter 11, "Canonical Representation Issues" | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="95d9fc2d5f4bbb35-28600287-48354131-a922b81f-30f28250620c5729e06c1576"><ac:plain-text-body><![CDATA[ | [[J2SE 2011 | AA. Bibliography#J2SE 11]] | The try-with-resources Statement | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ce99ea381e3cf436-922316e0-49a348d1-9f37bc77-a80fdf0a4fbf7bece0bd10c5"><ac:plain-text-body><![CDATA[ | [[Open Group 2004 | AA. Bibliography#Open Group 04]] | [ | http://www.opengroup.org/onlinepubs/009695399/functions/open.html] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="506d65da5a5f2133-80e3cbfc-44cb4032-a65883d9-af77b9fcf1b313e9def4942e"><ac:plain-text-body><![CDATA[ | [[SDN 2008 | AA. Bibliography#SDN 08]] | Bug IDs: 4171239, 4405521, 4635827, 4631820 | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="bf61281560a56948-ad5e11ef-41f34ede-ac3c8662-d57e2f7d9238228efd473926"><ac:plain-text-body><![CDATA[ | [[Secunia 2008 | AA. Bibliography#Secunia 08]] | [Secunia Advisory 20132 | http://secunia.com/advisories/20132/] | ]]></ac:plain-text-body></ac:structured-macro> |
...