maybe https://docs.rs/cap-std/latest/cap_std/fs/index.html would prevent that? | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

kobebrookskC3 on Dec 1, 2022 | parent | context | favorite | on: Memory Safe Languages in Android 13

maybe https://docs.rs/cap-std/latest/cap_std/fs/index.html would prevent that?

insanitybit on Dec 2, 2022 [–]

Capabilities are a good way to mitigate this problem, yes. At minimum cap_std::fs would prevent "../" attacks.

"../" attacks are also just way less of an issue when you shove your programs into minimal containers, which at this point is more or less standard practice.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact