Introduction to web storage vulnerabilities and principles Analysis and Prevention Methods (secure file storage methods ). This type of vulnerability mainly allows users to read the input path name and use incorrect filtering methods. as a result, malicious users can store files in unexpected places, posing a security risk. In fact, this type of vulnerability mainly allows users to read the input path name and use incorrect filtering methods, leading to malicious users storing files in unexpected places, posing a security risk.
As a matter of fact, let's take a few points. let's take a look at it first. since the user wants to store the file, and the file will be in a variety of formats, the contents of some files may be different from the format imported by the user, some files contain Trojan code. Therefore, we allow users to store files and perform separate authorization with site files for isolation.
Keep the stored directory independent. The Directory permission is read-only and cannot be executed.
This step is authorized by the system design. no matter what file you used last time, it cannot be executed. Even if I do not perform any detection, your files are stored here, and it will not constitute a security for my system. (If a user saves images of reactionary words, what else needs to be processed)
Detection is performed for all input values without using the server.
This type is the same as the principle that all input operations are harmful. the type and name passed by the client must be determined and not directly used. For a file name to be generated to a directory.
The best file name method is: write your own dead Directory (do not read the imported directory), file name, it is best to randomly generate your own, do not read the user file name. File extension, which can be followed by "." on the rightmost side.
The above two methods impose overall constraints on memory from two aspects.
Method 2: save the stored file name, write data to the specified directory, and generate the file name.
Method 1: ensure that the file is written to the correct location, and then control the permission to write the directory from the configuration. this is a permanent cure. Yes. no matter what files you store, you do not have the permission to jump out and run them.
The above two methods can be used together to ensure that the file is correctly stored in a local place, and then the permissions can be controlled. By the way, to determine whether the user's stored files meet the required types, you can directly check the file extension, as long as the file extension is satisfied, so that the file can be stored. In any case, the execution permission restriction is imposed, and it is okay if you do not store the content as required. It cannot be executed.
Correct steps:
1. read the file name and verify that the extension is in the specified range.
2. customize the generated file name, directory, and extension from the file name extension. Other values are configured by yourself and do not read the content stored on the storage.
3. move the file to the new directory (the directory permission is set to read-only)
Well, the above is a general operation method. I hope it will be helpful to you and you are welcome to contact us! We also hope to provide better methods! Next, I will continue to write some of my experiences and opinions on functional security design in some common methods in web development!
Bytes. Actually...
