Sciweavers

    IEEEARES
    2008
    IEEE
    84views Security Privacy» more  IEEEARES 2008»

    How to Open a File and Not Get Hacked

    13 years 10 months ago
    How to Open a File and Not Get Hacked
    Download  www.cs.wisc.edu
    Careless attention to opening files, often caused by problems with path traversal or shared directories, can expose applications to attacks on the file names that they use. In this paper we present criteria to determine if a path is safe from attack and how previous algorithms are not sufficient to protect against such attacks. We then describe an algorithm to safely open a file when in the presence of an attack (and how to detect the presence of such an attack), and provide a new library of file open routines that embodies our algorithm. These routines can be used as one-for-one substitutes for conventional POSIX open and fopen calls.
    James A. Kupsch, Barton P. Miller
    claim paper
    Related Content
    Added 31 May 2010
    Updated 31 May 2010
    Type Conference
    Year 2008
    Where IEEEARES
    Authors James A. Kupsch, Barton P. Miller
    Comments (0)
    Explore & Download
    Proceedings Preprints Top 5 Ranked Papers Publications Books Software Tutorials Presentations Lectures Notes Datasets
    Productivity Tools
    International On-screen Keyboard Graphical Social Symbols OCR Text Recognition CSS3 Style Generator Web Page to PDF Web Page to Image PDF Split PDF Merge Latex Equation Editor Sci2ools
    Document Tools
    PDF to Text PDF to Postscript PDF to Thumbnails Excel to PDF Word to PDF Postscript to PDF PowerPoint to PDF Latex to Word Repair Corrupted PDF
    Image Tools
    JPG to PS JPG to PDF Extract Images from PDF Image Converter
    Sciweavers
    About Community Cookies Privacy Policy Terms of Use

    Copyright © Sciweavers LLC, 2009-2024, USA.