Subject: [boost] [filesystem] New operational function added: canonical()
From: Beman Dawes (bdawes_at_[hidden])
Date: 2011-10-06 08:56:24


A canonical() function has been added at the suggestion of David Svoboda from CERT.

Boost.Filesystem's class path had such a function at one time, but it
was deprecated because it didn't handle symlinks correctly. The new
canonical() free function walks the path resolving symlinks, so it now
works correctly even when symlinks are present.

For the curious, David's rationale for the function follows.

--Beman

Canonicalized pathnames are an important security measure when you
want to do validity checking on your path (e.g. does this path live in
/home/goodguy or /home/badguy?). There are several implementations of
canonicalization functions, ranging from POSIX's realpath() function,
to the GNU library's canonicalize_file_name(). For
platform-independent implementations, Java provides the
File.getCanonicalFile() method.

CERT advocates the use of canonicalized filenames in its Secure Coding
rules for both C
       FIO02-C. Canonicalize path names originating from untrusted sources
       https://www.securecoding.cert.org/confluence/x/EAY
and Java
       IDS02-J. Canonicalize path names before validating them
       https://www.securecoding.cert.org/confluence/x/S4EVAQ
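The validity check David describes ("does this path live in /home/goodguy or /home/badguy?"), worked through as an added example. This is not Boost's own code and not part of the original post: it uses std::filesystem::canonical() from C++17, the standardized descendant of Boost.Filesystem with the same "resolve symlinks and dot-dot, fail if the path does not exist" semantics, so it compiles without Boost; swapping in boost::filesystem::canonical(p, ec) gives the same behaviour. The sandbox layout (goodguy/, badguy/, a goodguy/escape symlink pointing at ../badguy, and a goodguy2/ directory for the prefix-collision case) is constructed under the temp directory at run time and is hypothetical.

```cpp
#include <filesystem>
#include <fstream>
#include <iostream>
#include <string>
#include <system_error>

namespace fs = std::filesystem;

// Validity check done the way the rationale recommends: canonicalize both the
// allowed root and the candidate (resolving symlinks and ".." components), then
// compare path components. canonical() reports an error for paths that do not
// exist, and such candidates are rejected rather than guessed at.
bool path_is_within(const fs::path& candidate, const fs::path& allowed_root) {
    std::error_code ec;
    const fs::path root = fs::canonical(allowed_root, ec);
    if (ec) return false;
    const fs::path target = fs::canonical(candidate, ec);
    if (ec) return false;

    // Component-wise comparison, so that "/home/goodguy2" is not mistaken for
    // something inside "/home/goodguy".
    auto r = root.begin();
    auto t = target.begin();
    for (; r != root.end(); ++r, ++t) {
        if (t == target.end() || *r != *t) return false;
    }
    return true;
}

// The textual prefix test the rationale warns against: no canonicalization,
// so symlinks, ".." components and prefix collisions are invisible to it.
bool naive_prefix_check(const fs::path& candidate, const fs::path& allowed_root) {
    const std::string c = candidate.string();
    const std::string r = allowed_root.string();
    return c.compare(0, r.size(), r) == 0;
}

// Constructed sandbox (hypothetical layout, recreated on every run):
//   <tmp>/canonical_demo/goodguy/data.txt
//   <tmp>/canonical_demo/goodguy/escape -> ../badguy   (directory symlink)
//   <tmp>/canonical_demo/goodguy2/                      (prefix-collision case)
//   <tmp>/canonical_demo/badguy/secret.txt
fs::path make_sandbox() {
    const fs::path base = fs::temp_directory_path() / "canonical_demo";
    fs::remove_all(base);
    fs::create_directories(base / "goodguy");
    fs::create_directories(base / "goodguy2");
    fs::create_directories(base / "badguy");
    { std::ofstream f(base / "goodguy" / "data.txt"); f << "ok\n"; }
    { std::ofstream f(base / "badguy" / "secret.txt"); f << "secret\n"; }
    fs::create_directory_symlink("../badguy", base / "goodguy" / "escape");
    return base;
}

int main() {
    const fs::path base = make_sandbox();
    const fs::path good = base / "goodguy";
    const fs::path via_symlink = good / "escape" / "secret.txt";
    std::cout << std::boolalpha
              << "naive prefix check accepts symlink escape: "
              << naive_prefix_check(via_symlink, good) << '\n'
              << "canonical check accepts symlink escape:    "
              << path_is_within(via_symlink, good) << '\n';
    fs::remove_all(base);
    return 0;
}
```

Canonicalizing the root as well as the candidate matters: on some systems the temp directory itself is reached through a symlink, and a check that canonicalizes only one side would never match. The check is still a point-in-time answer; a symlink can be changed between the check and the later open, so the canonical path should be used (or the open done relative to a directory handle) rather than re-trusting the original string.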


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk