Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
// AllowedPaths is a list of absolute directory paths that file operations are restricted to.
// If nil, all paths are allowed (no restrictions).
// If empty slice (not nil), no paths are allowed (deny all).
// All paths must be absolute and will be cleaned/normalized.
AllowedPaths []string
}
Config holds the configuration for file system security
func (*Config) IsPathAllowed ¶
IsPathAllowed checks if the given path is within the allowed paths. Returns true if the path is allowed, false otherwise.
SECURITY CRITICAL: This function prevents path traversal attacks. It handles: - Relative paths (./foo, ../foo) - Path traversal (../../etc/passwd) - Symlink attacks (by evaluating the real path) - Prefix attacks (/allowed vs /allowed-other)
Source Files
Click to show internal directories.
Click to hide internal directories.