A Python package to identify potentially dangerous file paths

Project description

bad_path

A Python package to identify potentially dangerous file paths.

Overview

bad_path provides functions to test whether a supplied file path points to a system-sensitive location, taking into account different OS platforms (Windows, macOS, Linux).

Installation

From PyPI

pip install bad_path

From Conda

conda install -c phygbu bad_path
# or
mamba install -c phygbu bad_path

From Source

git clone https://github.com/gb119/bad_path.git
cd bad_path
pip install -e .

Quick Start

from bad_path import is_dangerous_path, DangerousPathError

# Check if a path is dangerous
if is_dangerous_path("/etc/passwd"):
    print("Warning: This path points to a sensitive location!")

# Raise an exception for dangerous paths
try:
    is_dangerous_path("/etc/passwd", raise_error=True)
except DangerousPathError as e:
    print(f"Error: {e}")

# Use the PathChecker class for more details
from bad_path import PathChecker

checker = PathChecker("/etc/passwd")
if not checker:
    print("Dangerous path detected!")
    print(f"Platform system path: {checker.is_system_path}")
    print(f"User-defined sensitive path: {checker.is_sensitive_path}")

# Check path accessibility
checker = PathChecker("/tmp/myfile.txt")
if checker:
    print("Safe path!")
print(f"Readable: {checker.is_readable}")
print(f"Writable: {checker.is_writable}")
print(f"Creatable: {checker.is_creatable}")

Features

  • ✅ Cross-platform support (Windows, macOS, Linux)
  • ✅ Simple API for checking dangerous paths
  • ✅ Object-oriented PathChecker class with detailed information
  • ✅ Path accessibility checks (read, write, create permissions)
  • ✅ Invalid character detection (platform-specific)
  • ✅ Customizable error handling
  • ✅ Lightweight with no external dependencies
  • ✅ Works with both strings and pathlib.Path objects
  • ✅ User-defined dangerous paths support

Usage Examples

Basic Path Checking

from bad_path import is_dangerous_path

# Simple boolean check
if is_dangerous_path("/etc/passwd"):
    print("This is a dangerous system path!")

if not is_dangerous_path("/tmp/myfile.txt"):
    print("Safe to use!")

Checking Path Accessibility

from bad_path import PathChecker

# Check if a file is readable
checker = PathChecker("/etc/passwd")
if checker.is_readable:
    print("File can be read")

# Check if a file is writable
checker = PathChecker("/tmp/test.txt")
if checker.is_writable:
    print("File can be written to")

# Check if a new file can be created
checker = PathChecker("/tmp/newfile.txt")
if checker.is_creatable:
    print("File can be created in this location")

Combining Safety and Accessibility Checks

from bad_path import PathChecker

def safe_to_write(filepath):
    """Check if a path is both safe and writable."""
    checker = PathChecker(filepath)
    
    # PathChecker evaluates to True for safe paths
    if not checker:
        return False  # Dangerous location
    
    # Must be writable or creatable
    return checker.is_writable or checker.is_creatable

# Usage
safe_to_write("/tmp/myfile.txt")  # True - safe and creatable
safe_to_write("/etc/passwd")       # False - dangerous location
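
A deny-list check like safe_to_write is stronger when paired with an allow-list of where writes may land and an open call that does not trust the earlier check. The following is an added example, not code from bad_path: open_new_file, demo and the flagged stand-in are hypothetical names, and in real use the predicate passed in would be bad_path.is_dangerous_path.

```python
import os
import tempfile
from pathlib import Path


def open_new_file(base_dir, user_path, is_dangerous):
    """Create user_path for writing only if it resolves inside base_dir.

    is_dangerous is the deny-list predicate; in real use pass
    bad_path.is_dangerous_path (assumption: it is called with a pathlib.Path,
    which the feature list above says is supported).
    """
    base = Path(base_dir).resolve()
    # resolve() collapses ".." and follows symlinks, so both checks see the
    # location that will really be written, not the string the caller sent.
    target = (base / user_path).resolve()
    if base not in target.parents:
        raise PermissionError("outside base directory")
    if is_dangerous(target):
        raise PermissionError("sensitive location")
    # O_EXCL refuses to overwrite; O_NOFOLLOW refuses a symlink planted at the
    # final component between the checks and the open (where the OS has it).
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(target, flags, 0o600)


def demo():
    """Run constructed inputs against a temporary base directory."""
    def flagged(path):  # constructed stand-in for the deny-list check
        return "secrets" in path.parts

    outcome = {}
    with tempfile.TemporaryDirectory() as base:
        for name in ["notes.txt", "../outside.txt", "/etc/passwd",
                     "reports/../secrets/key.pem"]:
            try:
                os.close(open_new_file(base, name, flagged))
                outcome[name] = "opened"
            except PermissionError as exc:
                outcome[name] = str(exc)
    return outcome


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:30} {result}")
```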

Checking for Invalid Characters

from bad_path import PathChecker

# Check if a path contains invalid characters for the platform
checker = PathChecker("/tmp/test\x00file.txt")  # Null byte is invalid on all platforms
print(f"Has invalid characters: {checker.has_invalid_chars}")  # True
print(f"Is safe: {bool(checker)}")  # False - dangerous due to invalid char

# Platform-specific invalid characters:
# - POSIX (Linux): null byte (\0)
# - macOS (Darwin): null byte (\0) and colon (:)
# - Windows: < > : " | ? * and control characters (0-31)
#            Also checks for reserved names: CON, PRN, AUX, NUL, COM1-9, LPT1-9

# Windows example - reserved name check
checker = PathChecker("C:\\tmp\\CON.txt")  # CON is a reserved name
print(f"Has invalid characters: {checker.has_invalid_chars}")  # True on Windows

# Paths ending with space or period are invalid on Windows
checker = PathChecker("C:\\tmp\\file. ")
print(f"Has invalid characters: {checker.has_invalid_chars}")  # True on Windows
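
Because has_invalid_chars reports for the platform the code runs on, a service on Linux that stores names later opened on Windows needs the rules applied for a named target. The following is an added example, not bad_path's implementation: it re-implements the rules listed in the comments above, and invalid_reasons, windows_components and the target argument are hypothetical names.

```python
import re

# Rule set copied from the comments above; constructed for illustration.
WINDOWS_BAD_CHARS = set('<>:"|?*') | {chr(c) for c in range(1, 32)}
WINDOWS_RESERVED = {"CON", "PRN", "AUX", "NUL",
                    *(f"COM{i}" for i in range(1, 10)),
                    *(f"LPT{i}" for i in range(1, 10))}


def windows_components(path: str) -> list[str]:
    """Split on either separator; the colon of a leading drive letter is legal."""
    path = re.sub(r"^[A-Za-z]:", "", path)
    return [c for c in re.split(r"[\\/]", path) if c]


def invalid_reasons(path: str, target: str) -> list[str]:
    """Explain why `path` is invalid on `target`: 'linux', 'darwin' or 'windows'."""
    if target not in ("linux", "darwin", "windows"):
        raise ValueError(f"unknown target platform: {target!r}")
    reasons = []
    if "\x00" in path:
        reasons.append("null byte")
    if target == "darwin" and ":" in path:
        reasons.append("colon")
    if target == "windows":
        for comp in windows_components(path):
            if comp in (".", ".."):      # relative markers, not file names
                continue
            bad = sorted(set(comp) & WINDOWS_BAD_CHARS)
            if bad:
                reasons.append(f"illegal characters {bad!r} in {comp!r}")
            # Reserved names apply to the part before the first period.
            if comp.split(".", 1)[0].strip().upper() in WINDOWS_RESERVED:
                reasons.append(f"reserved device name in {comp!r}")
            if comp[-1] in " .":
                reasons.append(f"trailing space or period in {comp!r}")
    return reasons


if __name__ == "__main__":
    # Constructed sample inputs, checked against every target platform.
    for sample in ["/tmp/test\x00file.txt", "C:\\tmp\\CON.txt",
                   "C:\\tmp\\file. ", "/tmp/a:b.txt", "/tmp/myfile.txt"]:
        for target in ("linux", "darwin", "windows"):
            print(f"{sample!r:28} {target:8} {invalid_reasons(sample, target)}")
```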

Documentation

Full documentation is available at https://gb119.github.io/bad_path/

Development

For development, install with the optional development dependencies:

pip install -e ".[dev]"

Run tests:

pytest

Build documentation:

cd docs
make html

License

MIT License - see LICENSE file for details.

Download files

Source Distribution

bad_path-0.1.0.tar.gz (19.5 kB)

Uploaded Source

Built Distribution

bad_path-0.1.0-py3-none-any.whl (13.1 kB)

Uploaded Python 3

File details

Details for the file bad_path-0.1.0.tar.gz.

File metadata

  • Download URL: bad_path-0.1.0.tar.gz
  • Upload date:
  • Size: 19.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for bad_path-0.1.0.tar.gz
Algorithm Hash digest
SHA256 fe3b149bb9055b818ca707fbaedf1f445a6a8c4430e6de5ddc2ff2b6626ad43a
MD5 e8aa27742e34ffa1bd6c063a41b6a2e6
BLAKE2b-256 0cb4cc301428d29636ba6f4a814b6d4ecce21bac6d2e12a756855091ac1d6fbd

File details

Details for the file bad_path-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: bad_path-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 13.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for bad_path-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 4555e4455b8de84be9ad5f05117c9966a1827b5ab13f798f4c731950986fff01
MD5 9d60142a6c37ea82e7d64ec5e7608e02
BLAKE2b-256 42f3a1261e16dde91d965d4343548004ae1d1ba743c4ab954da8c873e447e085
