# PoC: DirectoryReader Path Traversal — Arbitrary File Read

**Vulnerability:** `torch/package/_directory_reader.py:35-48` — All three methods (`get_record()`, `get_storage_from_record()`, `has_record()`) construct file paths by concatenating the base directory with unsanitized user-supplied names. Path traversal via `../` sequences reads arbitrary files from the filesystem.

## Files

- `poc_dirreader_traversal.py` — Full PoC (path traversal + filesystem probing + realistic scenario)

## Quick Start

```bash
pip install torch
python poc_dirreader_traversal.py
```

## Expected Output

- `get_record("../../../../etc/passwd")` reads /etc/passwd (3454 bytes, 60 lines)
- `has_record()` probes filesystem for sensitive files (SSH keys, /proc/self/environ, etc.)
- Realistic malicious package scenario reads /etc/passwd via DirectoryReader
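## Mitigation

As an added example that is not part of this PoC or of torch: a hypothetical `SafeDirectoryReader` that shows the fix for the pattern above, resolving every record name and refusing anything that lands outside the base directory, beside the unsanitized `os.path.join` the PoC relies on. The package layout is constructed in a temporary directory.

```python
import os
import tempfile
from pathlib import Path

def unsafe_has_record(directory: str, name: str) -> bool:
    # The weak pattern: os.path.join neither normalizes "../" nor refuses an absolute name.
    return os.path.exists(os.path.join(directory, name))

class SafeDirectoryReader:
    """Resolves every candidate path and refuses anything outside the base dir."""

    def __init__(self, directory: str):
        self.directory = Path(directory).resolve()

    def _resolve(self, name: str) -> Path:
        if os.path.isabs(name):
            raise ValueError(f"absolute record name rejected: {name!r}")
        # resolve() collapses "../" and follows symlinks, so a link planted
        # inside the package that points outside is rejected as well.
        candidate = (self.directory / name).resolve()
        try:
            candidate.relative_to(self.directory)
        except ValueError:
            raise ValueError(f"record name escapes package dir: {name!r}") from None
        return candidate

    def has_record(self, name: str) -> bool:
        try:
            return self._resolve(name).is_file()
        except ValueError:
            return False

    def get_record(self, name: str) -> bytes:
        return self._resolve(name).read_bytes()

def demo() -> dict:
    """Constructed layout: a package dir with one record, plus a sibling file outside it."""
    pkg = Path(tempfile.mkdtemp()) / "pkg"
    pkg.mkdir()
    (pkg / "data.pkl").write_bytes(b"record")
    (pkg.parent / "outside.txt").write_bytes(b"not a package record")
    safe = SafeDirectoryReader(str(pkg))
    return {
        "unsafe_sees_outside": unsafe_has_record(str(pkg), "../outside.txt"),
        "safe_sees_outside": safe.has_record("../outside.txt"),
        "safe_sees_record": safe.has_record("data.pkl"),
        "safe_record": safe.get_record("data.pkl"),
    }
```

A detection-side check for a loaded package is the same comparison run over every archive entry name before any file is opened.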