3 Jun
2002
3 Jun
'02
20:58
On Monday 03 June 2002 19:59, Christopher Mahmood wrote:
'./test' should work. Kind of a strange regex there, especially since it allows names like ../../../../../libc.so.6 If you had a script that automatically removed files from the writable directory but ran outside of the chroot you could be in for a nasty surprise :) Something a little safer might be '^[a-zA-Z0-9\.\-]+$' That is, the start of the record, any number of alphanumeric characters, '.', and '-', and the end of the record. The clinically paranoid might limit the filename length as well: '^[a-zA-Z0-9\.\-]{1-20}$' which would be at least one character but no more than 20.
Thanks, I will try it out. Best regards, David List