POV-Ray : Newsgroups : povray.windows : Can't read ../../file.inc : Re: Can't read ../../file.inc Server Time: 24 Oct 2020 03:29:31 GMT
  Re: Can't read ../../file.inc  
From: dickbalaska
Date: 17 Feb 2011 01:10:00
clipka <ano### [at] anonymousorg> wrote:
> Am 16.02.2011 20:51, schrieb Darren New:

>  From the code it is pretty obvious that the original intention is to
> eliminate ".." from paths like "foo/bar/../fnord" by contracting it to
> "foo/../fnord" - no security stuff intended there.

What is the point of doing path contraction, if not for security purposes?
Otherwise you are introducing code with no benefit. The OS is going to handle
.../ just fine for you already.

Someone above said "../ at the start of the path".  Don't forget that
foo/../../../../etc/passwd is legal.

dik


Post a reply to this message

Copyright 2003-2008 Persistence of Vision Raytracer Pty. Ltd.