Prevention method, loopholes and principle of web (save safe file)

Recommended for you: Get network issues from WhatsUp Gold. Not end users.

See my two paper, we know, are common on the loopholes, the file name detecting vulnerabilities, there is a file format vulnerability. Another one is to save the file, the existence of loopholes. This kind of vulnerability, primarily to read user incoming path name, using the filter method is not correct, leading to a malicious user, the file stored in unexpected places, safe hidden trouble.

In fact, we capture a few places can, we first analysis, since the user to save the file, and the file will be diverse forms; some document content and user into different formats, some of the contents of the file with the Trojan code. So, let us save file to the user, with the site documents a were authorized, isolated.

This step from system design to be authorized, no matter what documents you last time, could not perform to. Even if I don't do any testing, your files are stored here, does not constitute a security system for me. (if you have to deposit some reactionary verbal images, the user that requires additional processing)

 

This type of all input to us are the harmful principle, for the client incoming: type, name, to judge, not directly use. To generate a directory, a file name.

The best way is to write the file name : Die directory (don't read the incoming directory), file name, his best randomly generated, not to read the user's file name. The file name extension, can take the right behind ”.” character.

The above 2 methods, the constraints on the deposit just from 2 aspects.

Method 2: save the file name to save on the specified directory, according to their own writing, and the file names generated.

Method 1: as long as the guarantee that the documents written on the position, and then from the configuration, to write directory access control, this is the cure. Can do, you no matter what file, so you do not have permission to run out.


The above 2 methods, used together, can guarantee the correct file stored in the place, then, can control authority. Here by the way, determine the user save file whether meet the requirements types, just check the file name extension, as long as it meets the extension is made. Anyway, the executive authority restriction, you not required to deposit the content, also just as well. Anyway, can not be executed, it won't do much harm.

1 read the file name extension, validation is it right? In the range

2 own definition generated file name, directory, the extension from the file name extension. Other values, their configuration, the content is not read.

3 move files to the new directory (read only set the directory permissions)


Well, this is the general method of operation, and they hope to help everyone, welcome friends! Also hope to provide a better method! Next, I will be in the web  development, common method of functional safety design continues to write some of my experience, view! Welcome to exchange´╝ü

Author: chengmo    QQ:8292669 
the URL:  
subscribe to maintain attention:  
in this paper, the copyright belongs to the author, welcome to reprint, please be sure to add text links.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Posted by Teresa at October 24, 2013 - 1:28 AM