My fondness for blacklisting is as mentioned - when a blacklist is created you are filtering bad apples from good ones. To know which are bad fruits would entail research and/or actual cases where the fruits are not suitable for processing. In programming, this process forces coders/scripters to be constantly aware of security pitfalls; it actually ensures that the coder will take it upon himself to improve his coding style and logic (if his coding practices are flawed) or block exploitable areas (if the problem lies with the underlying technology) - it ensures that the developer will improve. Blacklisting is actually great for creating dynamic applications where users are given greater control over their own data and how they want the system to function - just like the many webapps that come around every now and then.
And lastly, of course, the consideration of whether to use whitelisting or blacklisting always depends on the type and data access of the application that you are developing.
On 11/5/06, hard wyrd <[EMAIL PROTECTED]> wrote:
> The Whitelist method has been the best-kept secret when talking about security in any application.
> A lot of apps (anti-virus, etc.) use blacklisting, and this is somewhat ineffective, especially towards problems that you haven't encountered yet. Explicitly and selectively allowing methods, functions, and applications will prevent exploitation.
--
http://audienceone.blogspot.com
_________________________________________________ Kagay-Anon Linux Users' Group (KLUG) Mailing List [email protected] (http://cdo.linux.org.ph) Searchable Archives: http://archives.free.net.ph
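The trade-off the two messages above describe (a blacklist only catches what someone has already seen; a whitelist rejects the unexpected by default but also rejects legitimate input nobody anticipated) can be shown with a small validator. The following is an added example, not code from the thread or its authors: it assumes a username field in a hypothetical web app, and the character sets, pattern and sample inputs are constructed for illustration.

```python
import re

# Denylist ("blacklist"): reject only characters that have previously shown up
# in bad input. Anything not on the list, including things nobody has thought
# about yet, passes. The set below is constructed for the example.
KNOWN_BAD_CHARS = set("<>\"';&|")

def denylist_accepts(value: str) -> bool:
    """Accept unless the value contains a character on the denylist."""
    return not any(ch in KNOWN_BAD_CHARS for ch in value)

# Allowlist ("whitelist"): accept only values that match an explicit
# description of a valid username (3-16 lowercase letters, digits, underscore).
# fullmatch is used instead of ^...$ so a trailing newline cannot slip past.
ALLOWED_USERNAME = re.compile(r"[a-z0-9_]{3,16}")

def allowlist_accepts(value: str) -> bool:
    """Accept only if the whole value matches the allowed shape."""
    return ALLOWED_USERNAME.fullmatch(value) is not None

# Constructed sample inputs (hypothetical, not from the original post).
SAMPLES = {
    "plain": "alice_01",
    "with_quote": "bob'",          # on the denylist, so both reject it
    "zero_width": "alice\u200b",   # invisible U+200B, never added to the denylist
    "too_long": "a" * 40,          # length is not something a denylist thinks about
    "with_hyphen": "mary-jane",    # legitimate, but outside the allowlist pattern
}

def evaluate(samples=SAMPLES) -> dict:
    """Map each sample name to (denylist_accepts, allowlist_accepts)."""
    return {name: (denylist_accepts(v), allowlist_accepts(v))
            for name, v in samples.items()}

def denylist_only_accepts(samples=SAMPLES) -> list:
    """Inputs the denylist lets through but the allowlist rejects.

    This is the gap the quoted message refers to as "problems that you
    haven't encountered yet" (plus the flexibility cost the reply raises:
    'with_hyphen' is a legitimate value the allowlist must be extended for).
    """
    return [name for name, (deny_ok, allow_ok) in evaluate(samples).items()
            if deny_ok and not allow_ok]

if __name__ == "__main__":
    for name, (deny_ok, allow_ok) in evaluate().items():
        print(f"{name:12s} denylist={deny_ok!s:5s} allowlist={allow_ok}")
    print("denylist-only:", denylist_only_accepts())
```

Running it shows the two lists agreeing on the obvious case (the quote character) and disagreeing on the zero-width character and the over-long value, which the denylist never considered; it also shows the allowlist rejecting `mary-jane`, which is the kind of legitimate input that has to be added to the pattern deliberately. That is the practical version of the thread's point: a denylist needs research into what is bad, an allowlist needs research into what is good, and which research is cheaper depends on the application.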
