diff --git a/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/terminologies/TerminologyCacheManager.java b/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/terminologies/TerminologyCacheManager.java
index 79bbb502b..fc3ea158b 100644
--- a/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/terminologies/TerminologyCacheManager.java
+++ b/org.hl7.fhir.r5/src/main/java/org/hl7/fhir/r5/terminologies/TerminologyCacheManager.java
@@ -99,7 +99,7 @@ public class TerminologyCacheManager {
     try (ZipInputStream zipIn = new ZipInputStream(is)) {
       for (ZipEntry ze; (ze = zipIn.getNextEntry()) != null; ) {
         Path path = Path.of(Utilities.path(targetDir, ze.getName())).normalize();
-        String pathString = path.toFile().getAbsolutePath();
+        String pathString = ManagedFileAccess.fromPath(path).getAbsolutePath();
         if (!path.startsWith(Path.of(targetDir).normalize())) {
           // see: https://snyk.io/research/zip-slip-vulnerability
           throw new RuntimeException("Entry with an illegal path: " + ze.getName());
diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/filesystem/ManagedFileAccess.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/filesystem/ManagedFileAccess.java
index 2ded60f62..2e261b9fd 100644
--- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/filesystem/ManagedFileAccess.java
+++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/filesystem/ManagedFileAccess.java
@@ -37,6 +37,7 @@ import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.nio.file.Path;
 import java.util.ArrayList;
 import java.util.List;
 
@@ -205,4 +206,20 @@ public class ManagedFileAccess {
     }
   }
 
+  public static File fromPath(Path path) throws IOException {
+    switch (accessPolicy) {
+    case DIRECT:
+      if (!inAllowedPaths(path.toString())) {
+        throw new IOException("The pathname '"+path.toString()+"' cannot be accessed by policy");
+      }
+      return path.toFile();
+    case MANAGED:
+      return accessor.file(path.toString());
+    case PROHIBITED:
+      throw new IOException("Access to files is not allowed by local security policy");
+    default:
+      throw new IOException("Internal Error");
+    }
+  }
+
 }
\ No newline at end of file
diff --git a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/tests/BaseTestingUtilities.java b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/tests/BaseTestingUtilities.java
index b47983419..82b98f11d 100644
--- a/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/tests/BaseTestingUtilities.java
+++ b/org.hl7.fhir.utilities/src/main/java/org/hl7/fhir/utilities/tests/BaseTestingUtilities.java
@@ -120,9 +120,9 @@ public class BaseTestingUtilities {
     public static void setFhirTestCasesDirectory(String s) {
     }
 
-  public static void createParentDirIfNotExists(Path target) {
+  public static void createParentDirIfNotExists(Path target) throws IOException {
     Path parent = target.getParent();
-    if (!parent.toFile().exists()) {
+    if (!ManagedFileAccess.fromPath(parent).exists()) {
       parent.toFile().mkdirs();
     }
   }