- Path traversal: CheckPath now requires separator after prefix match
- Store namespace: block reserved '_' prefixed groups
- StoreGet: distinguish ErrNotFound from real DB errors via sentinel
- Store: add rows.Err() checks in GetAll and Render
- gRPC leak: cleanupGRPC on all early-return error paths in OnStartup
- DenoClient: fix fmt.Sprint(nil) → type assertions
- Socket permissions: 0700 dirs, 0600 sockets (owner-only)
- Marketplace: persist SignKey, re-verify manifest on Update
- io/local: resolve symlinks in New() (macOS /var → /private/var)
- Tests: fix sun_path length overflow on macOS

Co-Authored-By: Virgil <virgil@lethean.io>
package coredeno
import (
"path/filepath"
"strings"
)
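// CheckPath reports whether path is equal to, or lies beneath, one of the
// allowed prefixes. An empty allowed list denies everything (secure by
// default), and blank entries in the list are ignored.
//
// The comparison is purely lexical: both sides go through filepath.Clean,
// which collapses "." and ".." elements, and the results are compared as
// strings. Nothing here resolves symlinks or turns a relative path into an
// absolute one, so callers that rely on this as an access-control gate should
// pass paths and prefixes that are already absolute and symlink-resolved.
func CheckPath(path string, allowed []string) bool {
	if len(allowed) == 0 {
		return false
	}
	sep := string(filepath.Separator)
	clean := filepath.Clean(path)
	for _, prefix := range allowed {
		// filepath.Clean("") returns ".", so a blank entry (for example the
		// result of splitting an empty configuration value) would otherwise
		// grant access to the current directory. Treat it as no entry.
		if prefix == "" {
			continue
		}
		cleanPrefix := filepath.Clean(prefix)
		if clean == cleanPrefix {
			return true
		}
		// Match only on a path-element boundary so that "data" does not admit
		// "data-secrets". Clean keeps the trailing separator of a root prefix
		// such as "/"; appending a second one would make it match nothing.
		dir := cleanPrefix
		if !strings.HasSuffix(dir, sep) {
			dir += sep
		}
		if strings.HasPrefix(clean, dir) {
			return true
		}
	}
	return false
}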
// CheckNet reports whether addr (a host:port string) appears in the allowed
// list.
//
// Each entry is compared with addr as an exact, case-sensitive string; no
// host or port normalisation and no wildcard handling happens here. A nil or
// empty list therefore denies every address.
func CheckNet(addr string, allowed []string) bool {
	for i := 0; i < len(allowed); i++ {
		if allowed[i] != addr {
			continue
		}
		return true
	}
	return false
}
// CheckRun reports whether cmd appears in the allowed list.
//
// Entries are compared with cmd exactly as written: nothing here resolves the
// command against a search path or normalises it in any way. A nil or empty
// list therefore denies every command.
func CheckRun(cmd string, allowed []string) bool {
	permitted := false
	for idx := range allowed {
		if allowed[idx] == cmd {
			permitted = true
			break
		}
	}
	return permitted
}