DS_Store File Exposure

The file .DS_Store is publicly accessible.

  • .DS_Store
  • file
  • exposure

.DS_Store is the file that Mac OS X uses to mark the file as being located inside a folder, and it is stored in the same folder as the file that it is attached to. In other words, if you have a file, and it is located inside a folder, then Mac OS X will store a .DS_Store file in the same folder as that file.

Impact

When exposed on the web, the .DS_Store file may reveal the location of files and folders even when directory listing is not permitted.

Solution

Ensure that .DS_Store files are removed or not publicly accessible.

Was this page helpful?