Package: missingh Version: 1.1.0.3-3 Severity: normal Tags: security Prelude System.Path> secureAbsNormPath "/home/joey" "/home/bob/foo" Nothing
So far so good, and based on that and secureAbsNormPath's description, you might expect it to be usaable to limit access to files in my home directory. That is not the case: Prelude System.Path> secureAbsNormPath "/home/joey" "/home/joeyish/foo" Just "/home/joeyish/foo" So to be "secure", the first parameter should end with a slash. But, the documentation doesn't say that. Actually, it says "in many cases, it would correspond to the current working directory". Note that getCurrentDirectory does not return a directory with a trailing slash. -- see shy jo
signature.asc
Description: Digital signature
