I'm looking for a method to simulate chroot type behavior for dragon according to the document, only work with Unix I also need it for windows as well. I have used this method by defining the root route and a method This works fine under Linux and I believe that it should work well with Windows. The main thing is that I am worried about it The problem is that A small search on Google for those answers: There are some applications that do this: You can use the Windows API Can get it. And finally, you can create your own abstract to run a sub-publication using abs_path which changes a given path relative to the root. Here is a snippet of
abs_path after deleting some irrelevant code
self.wd.get () fetches the current work directory. Def abs_path (self, rel_path): "" "Relative path changes in absolute path" Virtual Root "" rel_path == '': return os.path.abspath (os. Path.join (self.root, self.wd.get ())) if rel_path [0] == '/': Ret = os.path.join (self.root, rel_path) Other: ret = os.path. Join (self.root, self.wd.get (), rel_path) ret = os.path.abspath (ret) if ret .find (self.root) == 0: return returns self.Rot
if ret.find (self. Root) == 0: , Which I am using to check the cases where evaluate
ret route is higher than the route. If
root = / home / user / , Then
rel_path = / abc /../../ is a full path
/ home / user / . What should be a better way to implement it?
chroot () is doing this in UNIX at the process level , Which can not escape from each forked process The other hides the stomach, but if someone receives an exploiter to take advantage of your code then it executes malicious code and can access your entire file system.
chroot on Unix system, and using
runas on windows In chrooted environment! All this, without making a path a fixer, but with better security.
No comments:
Post a Comment