Details
-
Task
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
None
-
None
-
None
Description
We currently rely on data in the container file or in the contained file for the internal path of an embedded file, e.g. /zip1.zip/zip2.zip/zip3.zip/something.txt
As a general rule, we should not trust user input, er files. I don't see any areas for malicious effects, but I can image a combination of events that could lead to path collisions.
Attachments
Issue Links
- links to