+ /*
+ * prevent tricksters from getting around the directory restrictions
+ */
+ for (cp = filename + 1; *cp; cp++)
+ if(*cp == '.' && strncmp(cp-1, "/../", 4) == 0)
+ return(EACCESS);
+ for (dirp = dirs; *dirp; dirp++)
+ if (strncmp(filename, *dirp, strlen(*dirp)) == 0)
+ break;
+ if (*dirp==0 && dirp!=dirs)
+ return (EACCESS);