Ponder 05: Homographs

Due Saturday at 5:00 PM MST

One common form of the homograph attack is for the user to attempt to access a forbidden resource. The programmer may attempt to prevent such requests by creating a blacklist of forbidden files. The problem arises when the attacker finds another way to specify the forbidden file, one that circumvents the blacklist. This is done, of course, with a homograph attack.

Assignment

Write a program to detect file path homograph attacks. This is accomplished by prompting the user for two filenames and then displaying whether the two filenames are homographs. Consider the following example:

Specify the first filename:  /home/cs470/week05/file.txt
Specify the second filename: /home/cs470/../cs470/week05/file.txt
The paths are homographs

A second example:

Specify the first filename:  file1.txt
Specify the second filename: file2.txt
The paths are NOT homographs

To get full credit, your program should handle the following:

A few hints:

  1. You can get the current working directory from getenv("PWD") and the home directory from getenv("HOME"). getenv() is declared in <stdlib.h>.
  2. You may want to write a function similar to canonicalize_file_name(), which is also declared in <stdlib.h>. However, you may not use canonicalize_file_name() itself, or realpath().
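
A sketch of the approach the hints point toward, as an added example that is not the course's reference solution: each path is reduced to a lexical canon (absolute, with no ".", "..", or empty components) and two paths are homographs when their canons match. The function names, the choice of canon, and passing the working and home directories as parameters are assumptions made here; symbolic links and "~user" are not resolved.

```cpp
#include <cstdlib>
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

// Lexical canon: absolute path, no ".", "..", or empty components.
// Assumption: symbolic links and "~user" are not resolved.
std::string canonicalize(const std::string& path, const std::string& cwd,
                         const std::string& home) {
    std::string full;
    if (path == "~" || path.compare(0, 2, "~/") == 0)
        full = home + path.substr(1);        // home-relative
    else if (!path.empty() && path[0] == '/')
        full = path;                         // already absolute
    else
        full = cwd + "/" + path;             // relative to working directory

    std::vector<std::string> parts;          // stack of resolved components
    std::istringstream in(full);
    std::string seg;
    while (std::getline(in, seg, '/')) {
        if (seg.empty() || seg == ".") continue;   // "//" and "." are no-ops
        if (seg != "..") parts.push_back(seg);
        else if (!parts.empty()) parts.pop_back(); // "/.." stays at "/"
    }
    std::string canon;
    for (const std::string& p : parts) canon += "/" + p;
    return canon.empty() ? "/" : canon;
}

// Two paths are homographs when they share one canon.
bool isHomograph(const std::string& a, const std::string& b,
                 const std::string& cwd, const std::string& home) {
    return canonicalize(a, cwd, home) == canonicalize(b, cwd, home);
}

int main() {
    const char* pwd = std::getenv("PWD");    // may be unset, so check for null
    const char* hm = std::getenv("HOME");
    std::string cwd = pwd ? pwd : "/", home = hm ? hm : "/";
    std::string a, b;
    std::cout << "Specify the first filename:  ";
    std::getline(std::cin, a);
    std::cout << "Specify the second filename: ";
    std::getline(std::cin, b);
    std::cout << "The paths are " << (isHomograph(a, b, cwd, home) ? "" : "NOT ")
              << "homographs\n";
    return 0;
}
```

A blacklist check built on this compares the canon of the request against the canon of each forbidden file rather than comparing the raw strings.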

Submitting

This programming assignment is to be completed on the Linux system. Please submit with Lab 05 in the program header. The following test-bed is provided:

testBed cs470/lab05 lab05.cpp

Grading

Your program will be graded according to the following rubric:

| Criterion | Exceptional (100%) | Good (90%) | Acceptable (70%) | Developing (50%) | Missing (0%) |
|---|---|---|---|---|---|
| Canon (20%) | The choice of a canon was optimal | The canon choice is sufficiently powerful to capture all homographs | The canon choice is rich enough to capture one homograph | Elements of the solution exist | A canon was not chosen |
| Canonicalization function (30%) | The canonicalization function is sufficiently generic to capture all the richness of path homographs and is efficient | Either the reliable canons property or the unique canons property are honored | The canonicalization function works to some capacity | Elements of the solution are present | No attempt was made to write a canonicalization function |
| Homograph function (30%) | The homograph function is correct, elegant, and efficient | Passes test-bed or the homograph function component of the solution works | A minor flaw exists in the homograph function | Elements of the solution exist | The homograph function does not exist or does not work in any capacity |
| Code quality (20%) | Beautiful | Great modularization, comments, variable names, and honors style guidelines | Poor modularization, no comments, poor variable names, or poor style | Gross style or code quality errors | Code quality not consistent with a CS senior |