This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Periodic Table of Vulnerabilities - Path Traversal
Edits by James Landis (the first posted on behalf of Rajat).
Revision as of 17:54, 23 July 2013
Path Traversal
Root Cause Summary
File resources are accessed using references (file names or paths) built from user-supplied data without adequate canonicalization and validation, allowing a malicious user to reach files outside the intended directory, typically outside the web root, that were never meant to be exposed.
Browser / Standards Solution
None
Perimeter Solution
Perimeter and platform technologies (web servers, reverse proxies, WAFs) should canonicalize all URLs and path references before making any decision on them: decode the input once, resolve "." and ".." segments and alternate separators, and reject any request that still contains traversal sequences or that resolves outside the intended base directory. Wherever possible, relative paths should be converted to absolute paths so that the effective target is what gets checked.
The platform should be deployed under a dedicated low-privilege account with filesystem permissions (and, where available, a chroot or container filesystem) that prevent the web server process from reading files outside the web root, so that a traversal bug that slips past validation still cannot reach sensitive files.
Generic Framework Solution
The framework should provide safe libraries for accessing the file system that canonicalize path references, enforce proper access control, and prevent application code from touching the filesystem directly. The libraries should have the following features:
- A configuration-based whitelist of directories that the application is allowed to access
- A role-based access control list that further limits which of the whitelisted directories each role may reach
- A configuration-based whitelist of file extensions that may be accessed
- Canonicalization of file and path names before all other processing takes place: decode the input exactly once, resolve relative path segments and alternate separators, and reject (rather than silently strip) null bytes and any remaining traversal sequences, since a check run on the un-canonicalized string can be bypassed by encoding
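The following is an added example, not code from the OWASP wiki or from the Periodic Table project, of a small safe file-access library with the properties listed above; it also performs the canonicalization that the Perimeter Solution asks of platform components. The role table, extension whitelist, directory layout and function names (`canonicalize`, `resolve`, `safe_read`, `demo`) are constructed for illustration. The `demo` function builds a throwaway file tree, including a symlink that points outside the file root, and runs a set of benign and malicious requests against it.

```python
"""Safe file access: canonicalize once, then whitelist, then check the
resolved path. Added illustration, not OWASP code; all names are assumed."""
import os
import re
import tempfile
from urllib.parse import unquote

# Constructed configuration (assumptions): which top-level directories under
# the application's file root each role may read, and which extensions are
# servable at all.
ROLE_ACL = {
    "anonymous": {"public"},
    "staff": {"public", "reports"},
}
ALLOWED_EXTENSIONS = {".txt", ".pdf", ".png"}
# A path segment must start alphanumeric, so "..", ".hidden" and anything
# still containing "%" after the single decode are refused.
SEGMENT_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")


class PathTraversalError(ValueError):
    """Raised for any request the library refuses to turn into a file path."""


def canonicalize(user_path):
    """Turn untrusted input into a clean relative path, or raise.

    Decoding happens exactly once and before anything else, so "%2e%2e" is
    seen as ".." while a double-encoded "%252e" becomes a literal "%2e" that
    the segment check rejects. Null bytes are rejected, not stripped.
    """
    decoded = unquote(user_path)
    if "\x00" in decoded:
        raise PathTraversalError("null byte in path")
    # Treat backslash as a separator too; a Windows host would honour it.
    segments = [s for s in decoded.replace("\\", "/").split("/") if s not in ("", ".")]
    if not segments:
        raise PathTraversalError("empty path")
    for seg in segments:
        if seg == "..":
            raise PathTraversalError("parent-directory segment")
        if not SEGMENT_RE.fullmatch(seg):
            raise PathTraversalError("disallowed characters in segment %r" % seg)
    return "/".join(segments)


def resolve(base_dir, role, user_path):
    """Return the absolute path the request may open, or raise."""
    rel = canonicalize(user_path)
    segments = rel.split("/")
    if len(segments) < 2:
        raise PathTraversalError("files must live inside a whitelisted directory")
    if segments[0] not in ROLE_ACL.get(role, set()):
        raise PathTraversalError("role %r may not read %r" % (role, segments[0]))
    if os.path.splitext(segments[-1])[1].lower() not in ALLOWED_EXTENSIONS:
        raise PathTraversalError("extension not whitelisted")
    base = os.path.realpath(base_dir)
    full = os.path.realpath(os.path.join(base, rel))
    # Containment check on the *resolved* path: this is what catches a symlink
    # inside the root that points out of it, which string canonicalization
    # alone cannot see.
    if os.path.commonpath([base, full]) != base:
        raise PathTraversalError("resolved path escapes the file root")
    return full


def safe_read(base_dir, role, user_path):
    """The only file-reading entry point the application is meant to use."""
    with open(resolve(base_dir, role, user_path), "rb") as fh:
        return fh.read()


def demo():
    """Build a constructed file tree in a temp dir and exercise the checks.
    Returns {(role, request): 'ok:<content>' | 'denied:<reason>' | 'missing'}."""
    root = tempfile.mkdtemp()
    base = os.path.join(root, "files")
    os.makedirs(os.path.join(base, "public"))
    os.makedirs(os.path.join(base, "reports"))
    os.makedirs(os.path.join(root, "outside"))
    with open(os.path.join(base, "public", "readme.txt"), "wb") as fh:
        fh.write(b"hello")
    with open(os.path.join(base, "reports", "q1.txt"), "wb") as fh:
        fh.write(b"internal")
    with open(os.path.join(root, "outside", "secret.txt"), "wb") as fh:
        fh.write(b"secret")
    try:  # symlink escaping the root; skipped where symlinks are unsupported
        os.symlink(os.path.join(root, "outside", "secret.txt"),
                   os.path.join(base, "public", "escape.txt"))
    except (OSError, NotImplementedError, AttributeError):
        pass
    requests = [
        ("anonymous", "public/readme.txt"),          # plain, allowed
        ("anonymous", "public/./readme.txt"),        # dot segment, allowed
        ("anonymous", "../../etc/passwd"),           # classic traversal
        ("anonymous", "..%2f..%2fetc%2fpasswd"),     # URL-encoded traversal
        ("anonymous", "public\\..\\..\\etc\\passwd"),  # backslash traversal
        ("anonymous", "public/readme.txt%00.png"),   # null-byte extension trick
        ("anonymous", "public/escape.txt"),          # symlink out of the root
        ("anonymous", "reports/q1.txt"),             # directory not in role ACL
        ("staff", "reports/q1.txt"),                 # same directory, allowed role
        ("staff", "reports/q1.exe"),                 # extension not whitelisted
    ]
    results = {}
    for role, req in requests:
        try:
            results[(role, req)] = "ok:" + safe_read(base, role, req).decode()
        except PathTraversalError as exc:
            results[(role, req)] = "denied:" + str(exc)
        except FileNotFoundError:
            results[(role, req)] = "missing"
    return results


if __name__ == "__main__":
    for key, outcome in demo().items():
        print(key, "->", outcome)
```

The order of operations is the point: decode once, canonicalize, apply the directory and extension whitelists and the role check on the canonical form, and only then resolve the real path and verify it is still inside the root. Running the extension or directory check before canonicalization would let "readme.txt%00.png" or "..%2f" style inputs through.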
Custom Framework Solution
None
Custom Code Solution
None
Discussion / Controversy
None
References
- Path Traversal (OWASP wiki article)
- Path Traversal (WASC): http://projects.webappsec.org/w/page/13246952/Path%20Traversal
- Path Traversal (CWE-22): http://cwe.mitre.org/data/definitions/22.html