[cs631apue] Request like /~jschama/

Chao Cui ccui1 at stevens.edu
Thu Dec 6 01:29:52 EST 2012

Assume a very unfriendly user.

He gives a request like:

/~jschama/../jschama/../testdir1/../jschama/testdir/subdir/file, even more

Now we begin to transfer that into a valid request (actually it is valid, but
the program doesn't know that).
Assuming that testdir1 does not exist.

If we check this request step by step, when we reach
/~jschama/../jschama/../testdir1/, the chdir() or access() will fail because
there is no such dir in the system.
But actually it is a valid request because we have a .. following
testdir1/. So I don't think we can process the request step by step.
We need to process the request URL as a whole string.

But the question is, how can we know which part is the requested part?
As you mentioned, if we have a request like /~jschama/../testdir/file, we take
testdir/file under the server root.
For this example, we will take the testdir/subdir/file.
So this is the case that testdir/subdir/file is under /home/jschama.
But if the request is
like /~jschama/../jschama/../testdir1/../jschama/../testdir/../../lib/subdir/file
(which equals /lib/subdir/file), it may also be /home/subdir/subsubdir/file
after processing the URL.
By looking at it, we know that we need to process /lib/subdir/file in the
server root (./usr/htdocs).
The question is:
How can the program tell which part is the relative path of the file to be
(The same problem exists for a normal request, and for a normal request an
even more complicated case may happen.)

Can we just make it easy by just picking the file name, ignoring the
For example, we just take the "file", then check whether the whole directory
"/~jschama/../jschama/../testdir1/../jschama/../testdir/../subdir" is in
or out of the root.
If in, then process the corresponding file; if out, we just make the
request like ./usr/htdocs/file (ignoring the directory).


2012/12/5 Jan Schaumann <jschauma at stevens.edu>

> ccui1 <ccui1 at stevens.edu> wrote:
> > The request like
> > /~jschama/ we transfer that to /home/jschama/sws/.
> >
> > If we get a request like /~jschama/testdir/ we transfer that into
> > /home/jschama/sws/testdir/.
> >
> > Does that means when we get such kind of request, we find the files or
> > directories under /home/jschama/sws/?
> Correct.
> > What if we get a request like
> > /~jschama/../testdir/file ?
> Here, you are attempting to go one directory above the ~jschauma
> directory, ie /testdir/file.  This is then resolved relative to the
> servers document root just as if the request had been for
> "/testdir/file".
> > Shall we just pick the requested file name and find the same file name
> > under ./usr/htdocs/ ?
> If your server was invoked with "./usr/htdocs" as the document root to
> serve content from, yes.
> > Why does our web server support such kind of request?
> > If I run this server, it means others can see the information in my
> > personal folder.
> Correct.  If you decide to run a web server serving the contents of a
> specific directory under your home directory, then other people can
> access contents of that specific directory under your home directory.
> > How can that be useful for a web server?
> Think about it.  How do you think the course website works?
> http://www.cs.stevens.edu/~jschauma/631/
> If we want to allow different users on a system to have their own
> websites with content they control, we can't have that data in the
> document root -- otherwise, all users on the systems would require write
> access there.
> For example, if you would like to have your own website under
> http://www.cs.stevens.edu/~ccui/, then you can create a directory named
> "cs_html" on linux-lab.cs.stevens.edu, and any files you place there
> will be available on the above URL.  Here, the web server uses the
> "cs_html" directory to perform the per-user translation.
> -Jan
> _______________________________________________
> cs631apue mailing list
> cs631apue at lists.stevens.edu
> https://lists.stevens.edu/cgi-bin/mailman/listinfo/cs631apue
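The whole-string approach discussed above, as an added worked example that is not code from the thread or from the course's server: a lexical normalizer collapses "." and ".." without ever calling chdir() or access(), so a non-existent testdir1 on the way does not matter, and only then is the /~user/ to /home/user/sws translation from Jan's reply applied, with everything else resolved under the document root. Assumptions that the thread does not state: ".." above the root clamps to the root instead of being rejected, the home prefix is /home and the per-user subdirectory is sws exactly as in the examples, docroot is passed without a trailing slash, and the function names normalize_path and resolve_request are mine.

```c
#include <stdio.h>
#include <string.h>

#define MAX_SEGS 64

/*
 * Lexically normalize a request path without touching the filesystem.
 * Empty segments and "." are dropped; ".." pops the previous segment.
 * Assumption (not from the thread): ".." at the root stays at the root,
 * so "/../../x" becomes "/x".  Writes "/a/b/c" (or "/") into out.
 * Returns 0 on success, -1 if the result does not fit.
 */
static int normalize_path(const char *uri, char *out, size_t outlen)
{
    const char *segs[MAX_SEGS];
    size_t lens[MAX_SEGS];
    int n = 0;
    const char *p = uri;

    while (*p != '\0') {
        while (*p == '/')
            p++;
        if (*p == '\0')
            break;
        const char *start = p;
        while (*p != '\0' && *p != '/')
            p++;
        size_t len = (size_t)(p - start);

        if (len == 1 && start[0] == '.')
            continue;
        if (len == 2 && start[0] == '.' && start[1] == '.') {
            if (n > 0)
                n--;            /* one level up; clamped at the root */
            continue;
        }
        if (n == MAX_SEGS)
            return -1;
        segs[n] = start;
        lens[n] = len;
        n++;
    }

    if (outlen < 2)
        return -1;
    if (n == 0) {
        strcpy(out, "/");
        return 0;
    }
    size_t used = 0;
    for (int i = 0; i < n; i++) {
        if (used + 1 + lens[i] + 1 > outlen)
            return -1;
        out[used++] = '/';
        memcpy(out + used, segs[i], lens[i]);
        used += lens[i];
    }
    out[used] = '\0';
    return 0;
}

/*
 * Map a request URI onto a filesystem path.  After normalization a leading
 * "~user" segment maps to /home/user/sws (the per-user rule in the thread);
 * anything else is relative to docroot (assumed to have no trailing slash).
 * Returns 0 on success, -1 on a malformed or over-long request.
 */
int resolve_request(const char *uri, const char *docroot,
                    char *out, size_t outlen)
{
    char norm[1024];
    int r;

    if (normalize_path(uri, norm, sizeof norm) != 0)
        return -1;

    if (norm[1] == '~') {
        const char *user = norm + 2;
        const char *slash = strchr(user, '/');
        size_t ulen = slash ? (size_t)(slash - user) : strlen(user);
        const char *rest = slash ? slash : "/";

        if (ulen == 0)          /* "/~" with no user name */
            return -1;
        r = snprintf(out, outlen, "/home/%.*s/sws%s", (int)ulen, user, rest);
    } else {
        r = snprintf(out, outlen, "%s%s", docroot, norm);
    }
    return (r < 0 || (size_t)r >= outlen) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample requests, including the ones from the thread. */
    const char *requests[] = {
        "/~jschama/",
        "/~jschama/../testdir/file",
        "/~jschama/../jschama/../testdir1/../jschama/testdir/subdir/file",
        "/~jschama/../jschama/../testdir1/../jschama/../testdir/../../lib/subdir/file",
        "/../../etc/passwd",
    };
    char out[512];

    for (size_t i = 0; i < sizeof requests / sizeof requests[0]; i++) {
        if (resolve_request(requests[i], "./usr/htdocs", out, sizeof out) == 0)
            printf("%s -> %s\n", requests[i], out);
        else
            printf("%s -> (rejected)\n", requests[i]);
    }
    return 0;
}
```

Two caveats a practitioner would add: run this only after percent-decoding the request (a "%2e%2e" segment must be seen as ".."), and remember that the lexical pass knows nothing about symlinks, so a link inside the served tree can still point outside it; checking the opened file with realpath() or fstat() is the complement, not a replacement, for the string normalization. Trailing slashes are dropped by normalization, so "/~jschama/testdir/" resolves to /home/jschama/sws/testdir.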