Strict content root #48
Comments
|
Yes. IIRC I wrote a custom Walk that did follow symlinks unlike the default os.Walk. I think my reasoning was that if your security is based on manually rooting a path, it's only an illusion of security. Additionally as most servers of this nature build a custom directory structure based on tags, file types etc., I wanted to do this using the filesystem myself, so I'd build a root containing symlinks to content throughout my filesystem. I think then a flag is best, defaulting to not following symlinks if my presumption about security is incorrect. |
|
Well, it depends on who creates the files in the served filesystem. I admit that is marginal, and nowadays people could use a container. BTW, as the binary is statically linked, it may be possible to chroot it. I'll do some research in thay way. |
|
Any update? |
|
Don't forget it would still have to have access to ffprobe/ffmpeg from within the jail/chrooted path |
Right now, DMS will happily follow any symlinks pointing out of the content root. This could leads to security issues. Would it be possible to restrict this using an option ?
The text was updated successfully, but these errors were encountered: