
Restrict path access to prevent path traversal
We often refer to a file on disk, or to some other resource, by its path. A path traversal attack is when an attacker supplies input that gets combined with our path to access a file on the file system that we did not intend to expose. The input usually attempts to break out of the application’s working directory and reach a file elsewhere on the file system. You can mitigate this category of attack by restricting the scope of file system access, and reduce the attack surface by using a restricted file permission profile. ...
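One way to restrict the scope of file system access in application code is shown below. This is an added example, not code from the original page: the names resolve_inside, PathEscapeError and demo, and the directory layout, are constructed for illustration, and a POSIX file system is assumed for the symlink case.

```python
import os
import tempfile
from pathlib import Path


class PathEscapeError(ValueError):
    """Raised when a requested path resolves outside the allowed base directory."""


def resolve_inside(base_dir, user_path):
    """Return the canonical path for user_path, or raise if it leaves base_dir.

    Both paths are canonicalised first, so '..' segments, absolute paths and
    symlinks are all judged by where they really land on disk.
    """
    base = Path(base_dir).resolve(strict=True)
    # Joining with an absolute user_path discards base entirely, so the
    # containment check below is what enforces the restriction.
    candidate = (base / user_path).resolve(strict=False)
    if candidate != base and base not in candidate.parents:
        raise PathEscapeError(f"{user_path!r} resolves outside {base}")
    return candidate


def demo():
    """Check constructed inputs against a throwaway directory tree."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "uploads"  # constructed base directory
        root.mkdir()
        (root / "report.txt").write_text("ok")
        outside = Path(tmp) / "secret.txt"  # constructed file outside the base
        outside.write_text("outside")
        os.symlink(outside, root / "link.txt")  # assumes a POSIX file system
        cases = {
            "plain": "report.txt",
            "dotdot inside": "sub/../report.txt",
            "dotdot out": "../secret.txt",
            "absolute": str(outside),
            "symlink out": "link.txt",
        }
        for label, requested in cases.items():
            try:
                resolve_inside(root, requested)
                results[label] = True
            except PathEscapeError:
                results[label] = False
    return results
```

The check and the later open are separate steps, so this complements running the process under a file permission profile limited to the base directory. It does not replace that profile.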