File Access: Possible file access using user input

ID

ruby.checkfileaccess

Severity

high

Resource

File Access

Language

Ruby

Description

Improper limitation of a pathname to a restricted directory.

Path Traversal vulnerabilities arise when user input is used to construct file paths without proper validation. Attackers can manipulate the input to navigate the directory structure and access files outside the intended directory. This typically involves injecting special sequences such as ../, which, when processed, traverse the directory hierarchy.

Rationale

Finds possible file access using user input.

Remediation

To protect against Path Traversal vulnerabilities in applications, consider the following remediation strategies:

  1. Canonicalize the Path: Normalize file paths before processing them using file functions. This ensures that any navigational characters are resolved and the path refers to the correct location. Perform any checks on the path only after canonicalization.

  2. Whitelisting: Maintain a whitelist of allowed file names or extensions that users can access, rejecting any requests for files not in the whitelist.

  3. Input Validation: Validate incoming parameters rigorously. Reject or safely encode inputs containing harmful patterns, such as .., or control characters.

  4. Least Privilege: Ensure that applications run with the least privilege necessary. Restrict file permissions to prevent unauthorized file access even if paths are manipulated.

  5. Security Audits and SAST: Conduct regular security audits and integrate Static Application Security Testing tools to identify and mitigate Path Traversal vulnerabilities early during development.

By implementing these preventive measures, you can significantly reduce the risk of Path Traversal vulnerabilities, safeguarding your application against unauthorized file access and potential data breaches.
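The following added example (not code from the detector or its vendor) puts strategies 1 to 3 side by side with the pattern this rule flags. The names unsafe_path, safe_path and ALLOWED_EXTENSIONS, and the temporary directory layout, are assumptions made for the illustration.

```ruby
require "tmpdir"
require "fileutils"

ALLOWED_EXTENSIONS = %w[.txt .md].freeze # assumed allowlist for this example

# Flagged pattern: user input joined straight into a path, no checks.
def unsafe_path(base_dir, user_input)
  File.join(base_dir, user_input)
end

# Hardened: validate input, canonicalize, then check containment on the result.
def safe_path(base_dir, user_input)
  name = user_input.to_s
  raise ArgumentError, "empty or control characters" if name.empty? || name.match?(/[\x00-\x1f]/)
  raise ArgumentError, "extension not allowed" unless ALLOWED_EXTENSIONS.include?(File.extname(name).downcase)

  base = File.realpath(base_dir)
  # realpath resolves "..", "." and symlinks; it raises Errno::ENOENT if the file is missing.
  resolved = File.realpath(File.join(base, name))
  # Trailing separator stops a sibling such as "<base>-old" from passing the prefix check.
  raise ArgumentError, "path escapes base directory" unless resolved.start_with?(base + File::SEPARATOR)

  resolved
end

# Constructed demo tree: <tmp>/public/readme.txt, <tmp>/secret.txt, and a symlink that leaves the base.
def demo
  Dir.mktmpdir do |root|
    base = File.join(root, "public")
    FileUtils.mkdir_p(base)
    File.write(File.join(base, "readme.txt"), "hello")
    File.write(File.join(root, "secret.txt"), "s3cret")
    File.symlink(File.join(root, "secret.txt"), File.join(base, "link.txt"))

    results = { unsafe_reads_secret: File.read(unsafe_path(base, "../secret.txt")) == "s3cret" }
    ["readme.txt", "../secret.txt", "link.txt", "readme.rb"].each do |input|
      results[input] = begin
        File.basename(safe_path(base, input))
      rescue ArgumentError, SystemCallError => e
        "rejected: #{e.class}"
      end
    end
    results
  end
end

p demo if $PROGRAM_NAME == __FILE__
```

File.realpath requires the target to exist; for paths that will be created later, File.expand_path normalizes ".." without touching the filesystem but does not resolve symlinks, so the containment check is weaker in that case.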

Configuration

This detector does not need any configuration.

References