Security: Add validate_traversal calls to ServerFilesOperationHandler

Rozzarequested to merge
rchar/crafty-4:security/file-operations-traversal into dev

What does this MR do and why?

Resolves #660

Screenshots or screen recordings

image

How to set up and validate locally

  1. Pull branch/fork
  2. Run Crafty, create a server (so you have at least FILES permissions over it)
  3. Run any of the replication scripts/methods detailed in #660

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

  • Have you checked this doesn't interfere/conflict/duplicate someone elses work?
  • Have you fully tested your changes?
  • Have you resolved any lint issues?
  • Have you assigned a reviewer?
  • Have you applied correct labels?
Edited by Rozza

Merge request reports