Is there a secure way to get the "path string" from the user, generate it in the root directory, avoiding directory traversal? some kind of "protected mkdir ()".
let's say the root directory → "c: / test" avoid the situation that the user enters → "c: / test /../ windows / abc.exe" thank you very much.
As far as I know, no. You need to analyze the provided path and misinform it yourself (which is good practice anyway, even if it works in a protected environment).
* nix, chroot ( ) , , Windows ( , , Windows 8).
, , , , "..", ( ntfs).