Amfphp is not inherently less secure than FDS. Anybody who wants to can
spoof requests to FDS or amfphp, just like they can for HTTP POST. As a
side-note, users don't have to bother to decompile your SWF; they can
just sniff packets coming in or out of your movie using ServiceCapture
or Charles.
The rules for securing Remoting apps aren't any different than the rules
for HTTP POST: don't trust data, secure sensitive methods
(deleteEntireDatabase(), for example), use sessions to identify users,
be wary of SQL injection, don't send SQL over the wire, use SSL when
sending credit card/banking info, etc. Just common sense really. The
only thing that you should be worried about that doesn't have an
equivalent in HTTP POST is sending VOs. Since they are mapped
automatically and VO types are unenforced, someone can spoof VOs and make
them any type they want. For example, consider the service function:
function deleteUser($userVO)
{
    // Trusts whatever type arrived over the wire: a spoofed VO's own delete() runs here.
    $userVO->delete();
}
Well, you might expect that $userVO is a "com.myPackage.UserVO", but it
could also be a "com.myPackage.PhotoVO", or a "com.myPackage.AdminVO",
or whatever. So you either have to make sure you do receive the VO type
you expect, using instanceof or is_a, or you should only use "dumb" VOs
which don't have any methods. This and the fact that assignments on a
class for variables that are not defined won't cause a warning unless using
E_STRICT, which amfphp won't run in (as it's impossible to work in
E_STRICT while supporting PHP4), means that using VOs in amfphp (and in
PHP in general) is IMHO bad practice. VOs make a lot more sense in fully
(runtime, not just compile-time) typed languages.
Patrick
Kevin wrote:
>
> Is there any good information available on how to properly secure
> AMFPHP/Flex. It seems like a simple decompile of the swf file can
> expose a wealth of information which could allow a hacker to easily
> connect to the gateway and call any number of methods. Is there any
> information available on how to lock down an AMFPHP/flex app
> properly? I have seen some discussions on the board regarding FDS
> security, but not AMFPHP. Is AMFPHP inherently less secure OR more
> secure than any other data service technology. The app I am building
> requires as high a level of security as I can reasonably enable.
>
> Thanks,
>
> Kevin
>
>
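The VO type check Patrick recommends (instanceof / is_a) and the "dumb" VO alternative, written out as an added example; this is not code from the thread or from amfphp, and the UserVO, AdminVO and UserService class names, the deleteUser() method and the $sessionUserId parameter are assumptions made for illustration.

```php
<?php
// Added example (not from the post or from amfphp). Shows a remoting
// service method that rejects a spoofed VO before acting on it.

// "Dumb" VO: data only, no methods, so a spoofed instance cannot carry
// behaviour the service did not intend to run.
class UserVO
{
    public $id;
    public $username;
}

// Another VO type that happens to expose a dangerous method. Because the
// AMF gateway maps whatever class name the client sends, nothing stops a
// caller from sending one of these in place of a UserVO.
class AdminVO
{
    public $id;
    public function delete() { /* privileged side effect */ }
}

class UserService
{
    // Vulnerable pattern from the post: the method trusts the incoming
    // object's type and calls a method on it.
    public function deleteUserUnchecked($userVO)
    {
        $userVO->delete();
    }

    // Hardened version: verify the VO type, validate its fields, and tie
    // the action to the server-side session rather than to the VO.
    public function deleteUser($userVO, $sessionUserId)
    {
        if (!($userVO instanceof UserVO)) {
            throw new InvalidArgumentException(
                'expected UserVO, got ' . (is_object($userVO) ? get_class($userVO) : gettype($userVO)));
        }
        if (!is_int($userVO->id) || $userVO->id <= 0) {
            throw new InvalidArgumentException('invalid user id');
        }
        // Authorization comes from the session, never from client data.
        if ($userVO->id !== $sessionUserId) {
            throw new RuntimeException('not permitted to delete this user');
        }
        // The VO is only an identifier; the real work uses server-side code
        // and a parameterized query (constructed placeholder below).
        return $this->deleteUserRecord($userVO->id);
    }

    private function deleteUserRecord($id)
    {
        // Placeholder for a prepared-statement delete, e.g. via PDO:
        // $stmt = $pdo->prepare('DELETE FROM users WHERE id = ?');
        // $stmt->execute(array($id));
        return true;
    }
}

// Constructed sample calls:
$service = new UserService();

$good = new UserVO();
$good->id = 42;
var_dump($service->deleteUser($good, 42));   // bool(true)

$spoofed = new AdminVO();                    // what a tampered request could send
$spoofed->id = 42;
try {
    $service->deleteUser($spoofed, 42);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), "\n";             // expected UserVO, got AdminVO
}
```

The instanceof check is the minimum; keeping the VO free of methods and re-deriving identity from the session means a spoofed object has nothing to gain even if a check is forgotten elsewhere.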