[Typo3-dev] TYPO3 backend "Directory Traversal Attack"
Michael Stucki
michael at typo3.org
Wed Nov 2 14:31:55 CET 2005
Hi Kasper,
> Benoit POUYET has made me aware of a security problem called "Directory
> Traversal Attack". The problem seems to be that allowing "../" in URLs
> could be considered an attack on server security. The advice is to turn off
> support for "../" in URLs. However, this completely paralyses the TYPO3
> backend where icons, stylesheets etc. are all prefixed with the
> $BACK_PATH variable which is typically configured with "../../../../" or
> the like.
>
> Benoit says that more and more security concerned scenarios might shut
> down this functionality and so we should be concerned with how to address
> it in TYPO3. Does any of you know about this issue and have suggestions
> for its solution?
I remember that there was already a bug for this:
http://bugs.typo3.org/view.php?id=750
I fixed it by wrapping some of the backend links with
t3lib_div::resolveBackPath(). Of course there are still many more
references that use the backPath, but I think it was a start at least :-)
- michael
--
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/
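To make the fix Michael describes concrete: the idea behind wrapping a link in t3lib_div::resolveBackPath() is to collapse the "dir/../" pairs before the URL is emitted, so a filter that rejects "../" in requests never sees one. The following is an added example written for this page, not TYPO3's own implementation and not the patch from the bug report. The script directory "typo3/mod/tools/em/" and the $BACK_PATH value "../../../" are assumed for illustration; the function name resolveBackPathFromRoot is hypothetical.

```php
<?php
// Added example (not TYPO3's t3lib_div::resolveBackPath()): a segment-based
// normaliser that turns a $BACK_PATH-prefixed resource reference into a path
// relative to the site root, so the emitted URL contains no "../".
//
// $scriptDir: directory of the running backend script relative to the site
//             root, e.g. 'typo3/mod/tools/em/' (assumed for illustration).
// $ref:       the reference as written in the backend, i.e.
//             $BACK_PATH . 'gfx/icon.gif' with $BACK_PATH = '../../../'.
//
// Returns the root-relative path, or null when the reference would climb
// above the site root. Refusing is a deliberate design choice here: silently
// clamping at the root would hide a mis-configured $BACK_PATH.
function resolveBackPathFromRoot(string $scriptDir, string $ref): ?string
{
    $segments = [];
    $parts = explode('/', rtrim($scriptDir, '/') . '/' . $ref);
    foreach ($parts as $part) {
        if ($part === '' || $part === '.') {
            continue;                 // drop empty and "current directory" segments
        }
        if ($part === '..') {
            if (empty($segments)) {
                return null;          // would escape the site root
            }
            array_pop($segments);     // "dir/.." cancels out
            continue;
        }
        $segments[] = $part;
    }
    return implode('/', $segments);
}

// Constructed sample: the typical backend constellation from the thread.
$BACK_PATH = '../../../';
$scriptDir = 'typo3/mod/tools/em/';

$references = [
    $BACK_PATH . 'gfx/icon.gif',          // icon referenced via $BACK_PATH
    $BACK_PATH . 'stylesheet.css',        // stylesheet referenced via $BACK_PATH
    '../../../../index.php',              // climbs exactly to the site root
    '../../../../../etc/passwd',          // climbs above the site root: rejected
];

foreach ($references as $ref) {
    $resolved = resolveBackPathFromRoot($scriptDir, $ref);
    printf("%-30s => %s\n", $ref, $resolved ?? '(rejected: escapes site root)');
}

// The property a request filter cares about: no "../" left in what we emit.
$url = resolveBackPathFromRoot($scriptDir, $BACK_PATH . 'gfx/icon.gif');
if ($url === null || strpos($url, '..') !== false) {
    throw new RuntimeException('backPath resolution still contains "../"');
}
```

Run it with `php resolve.php` (any PHP 7 or later). The resolver needs the script's own location relative to the site root as input; that is exactly the piece of information $BACK_PATH alone does not carry, which is why a bare "../../../" prefix cannot be collapsed without it. References that resolve to a trailing directory (for example "gfx/") lose the trailing slash, which is harmless for the icon and stylesheet links discussed in the thread.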