More secure path mangling

[marcjansen]

This is a follow up from the excellent #280. I think the security might even be improved by the following PR.

I'd really like a review from @anikaweinmann or @mmacata on this; this is open for discussion.

[marcjansen]

Hmm. Probably some occasions missed. Hopefully just that.

[marcjansen]

Please have another look @anikaweinmann I marked this as ready for review now. I added some arguments to the two lines you remarked on. I'd love to hear your thoughts again.

[anikaweinmann]

@marcjansen do you want to add a r/w parameter to the functions? Otherwise it is also fine for me to merge it as it is.

[marcjansen]

Sorry for not giving this more attention. I think the general idea is still valid, but I am not sure whether this catches all relevant cases.

I see this has an approving review, and I can try to rebase this, if you still want it. I can also live with you guys and girls closing this PR with unmerged commits. Please go ahead as you see fit.

[anikaweinmann]

@marcjansen you are welcome to merge and rebase

[marcjansen]

@marcjansen you are welcome to merge and rebase

I have done that and also added support for intents (r, w or rw) when ensure_valid_path is called.

Please have another close look at what is now in this PR. Where the method is called, I have added an intent where I was more or less sure, but these shpould please be double checked by someone with more know-how of the actual intent.

[marcjansen]

anybody @mundialis-dev ?

[marcjansen]

Friendly ping @mmacata @anikaweinmann

[anikaweinmann]

Thank you, for me it look good. Please merge.

[marcjansen]

Thanks for the review.