Y
Hacker News
new
|
ask
|
show
|
jobs
by
3eb7988a1663
17 days ago
Is there a solid reference resource on handling symlinks? It seems a never ending source of security bugs.
2 comments
euroderf
17 days ago
The new os.Root is supposed to handle symlinks correctly in a sandbox, but (of course?) the first release had a bug related to symlinks.
link
d0vs
17 days ago
Agreed. Not a direct answer but this should be interesting:
https://github.com/cyphar/filepath-securejoin
link