Remember, non-canonicalized paths are never to be used...

All posts LisPi's posts Post Back to profile

Remember, non-canonicalized paths are never to be used for anything on UNIXes.

They cannot be trusted.

Ideally, stop storing stuff in the filesystem and use a proper database. Odds are it'll perform better anyway (on top of the other consistency & reliability benefits).

This is prompted by the news of yet another exploitable path-based vulnerability.

#unix #linux #storage #PathSecurity #databases

Like 9 Jul 2023 at 21:35 | Open on mastodon.top

7 comments

≠

@lispi314

Neither can Communists, who belong in chippers, plastic shredders, or ovens.

9 Jul 2023 at 21:37 | Open on noagendasocial.com

SpaceLifeForm

@lispi314

At least use a clear config file instead of an abominable cruelty called a registry.

9 Jul 2023 at 21:54 | Open on infosec.exchange

LisPi

@SpaceLifeForm The main systems I'm aware of that have used them have awful results because they fucked up their implementation and failed to properly document anything.

I'm not convinced that a proper system couldn't make registry-style configuration much preferable.

Such a system would also probably do away with the limited abstraction of filesystems though, similarly to what various LispOS papers suggest.

9 Jul 2023 at 22:16 | Open on mastodon.top

SpaceLifeForm

@lispi314

True. It is possible to implement a filesystem in a RDBMS if you put in the effort. May not work as fast, but you can make it reliable ACID wise.

9 Jul 2023 at 22:26 | Open on infosec.exchange