Stephane Bortzmeyer wrote:
On Mon, Jul 17, 2006 at 03:07:51AM +0100,
Neil Mitchell <[EMAIL PROTECTED]> wrote
a message of 64 lines which said:
How about adding something like "restrictFilePaths :: FilePath -> IO
()" which will restrict the area that can be played with to that
beneath the given FilePath?
If someone does so, be aware that it is *not* trivial to write it
securely.
For instance, many lazy (not in the Haskell meaning) programmers
believe that the path is safe if it does not include .. but it is
false (hint: ."."/foo/bar is a legal path on Unix).
That is a legal path if your Haskell program invokes (perhaps indirectly) a Unix
shell. But if you can inject strings into a shell invocation then it is
obviously impossible to do anything about limiting it to be weaker than the IO
monad.
--
Chris
_______________________________________________
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
