Does mono supports this file txs on Linux? Cheers, Henry Conceição
On Fri, Feb 19, 2010 at 10:48 AM, Henrik Feldt <[email protected]> wrote: > Hello, > > > > I’m finishing the last parts of the security features of the transactional > system, the access control based on current directory. As I’m writing I’ve > come to the point where I need to check if the path given is a child node of > a parent path which I’m constrained to. > > > > The code looks something like this: > > > > public bool IsParentOf(PathInfo child) > > { > > if (Root == string.Empty || child.Root == string.Empty) > > throw new NotSupportedException("Non-rooted paths are > not supported."); > > > > var OK = FolderAndFiles == child.FolderAndFiles; > > > > switch (Type) > > { > > case PathType.Device: > > OK &= child.DeviceName.ToLowerInvariant() > == DeviceName.ToLowerInvariant(); > > break; > > case PathType.Server: > > OK &= child.ServerName.ToLowerInvariant() > == ServerName.ToLowerInvariant(); > > break; > > case PathType.IPv4: > > OK &= > IPAddress.Parse(child.IPv4).Equals(IPAddress.Parse(IPv4)); > > break; > > case PathType.IPv6: > > OK &= > (IPAddress.Parse(child.IPv6).Equals(IPAddress.Parse(IPv6))) > > break; > > ... > > } > > > > return OK; > > } > > > > As you can see I’m keeping track of a few different combinations. On Mono > paths are case sensitive, on .Net they aren’t. Not that it’s very common, > but this done wrong without further checks from the programmer’s part would > be possible to use for privilege escalation attacks, if the admin has put > the application in a folder and another in a verbatim folder with different > casing in the path. > > > > At some places, like in brail’s view engine the absolute path isn’t used and > as far as I remember, it’s all lowercase, but it might matter… > > > > What’s the official line on this from the project’s perspective? > > > > Cheers, > > Henrik > > -- > You received this message because you are subscribed to the Google Groups > "Castle Project Development List" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/castle-project-devel?hl=en. > -- You received this message because you are subscribed to the Google Groups "Castle Project Development List" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/castle-project-devel?hl=en.
