On Mon, Sep 1, 2008 at 10:33 AM, Raymond Wan <[EMAIL PROTECTED]> wrote:

>
> Hi all,
>
> I have some Mason code which, at certain points, runs an external
> program via "system".  Sometimes, the input provided by the user via a
> web page is used as input to the external program.
>
> Is this safe?  If not, does anyone have any advice on what I should do
> to ensure this is secure?  For example, I was just suggested by someone
> that if any user input is passed directly to the external program, it
> better not allow the semi-colon or else someone could just add ";ls".
> So, this type of suggestion...anything else I should look out for?
>
> Thank you!
>
> Ray
>

Ray,

Using input from the user as part of command line arguments opens you up to
all kinds of attacks.  If you aren't careful a user can gain complete
control of your server.

The biggest step you can take to make this less likely is to activate
"taint" mode for your website.  Taint mode is a feature of Perl which makes
Perl keep an eye on any information coming from outside your program.  This
includes user input among other things.  I'm not sure about your environment
(you could be running your own server, or sharing space with others) so I
don't know the best way for you to activate taint mode.  If you're running
under mod_perl you probably need to add the "-T" switch in your mason
handler.

Turning on taint mode will very likely appear to break a lot of your web
code right off the bat.  This is because taint mode causes perl to die
anytime you do anything "dangerous" with data that comes from outside your
source files.  At first this can be a real pain (it will be a lot easier if
you're already used to programming under the "strict" pragma), but it's a
huge security win.  Securing your website requires thinking differently
about how you treat user input at nearly every point in your code.

Here's an ok introduction to taint mode:
http://www.webreference.com/programming/perl/taint/.  I strongly recommend
reading the Perl security manual.  If you have command line access to perl
you should be able to run the command "perldoc perlsec" to bring up the
manual.  Otherwise you can just google "perlsec".  This manual will
illustrate many reasons why you need to protect your program from user input
and introduce ways to implement this protection including activating taint
mode.  Unfortunately, the manual isn't geared toward the web, but for
general perl programming so you'll have to read between the lines a bit and
apply the information to your situation.

Good Luck,

-- Ben
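The two defences Ben describes, taint mode and keeping user input out of the shell, as an added stand-alone Perl example (not code from either poster or from Mason). It assumes a hypothetical command-line lookup that only needs a short alphanumeric name; the sample inputs are constructed here and stand in for what a Mason component would read from the request.

```perl
#!/usr/bin/perl -T
# Run as:  perl -T taint_demo.pl report_2008 'report;ls' '../etc/passwd'
# (the -T on the command line must match the shebang, or perl dies with "Too late for -T")
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Taint mode refuses to run external programs until PATH is trusted,
# so set it explicitly and drop the other shell-influencing variables.
$ENV{PATH} = '/bin:/usr/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# Under -T, @ARGV is tainted just like CGI parameters are; the fallback
# literals are constructed samples and would NOT be tainted.
my @inputs = @ARGV ? @ARGV : ('report_2008', 'report;ls', '../etc/passwd');

# Allowlist untainting: a successful capture is the only way Perl lets
# tainted data become clean, so the pattern is the whole security decision.
sub untaint_name {
    my ($raw) = @_;
    return undef unless defined $raw && $raw =~ /\A([A-Za-z0-9_-]{1,32})\z/;
    return $1;
}

# What taint mode catches: interpolating tainted input into a single-string
# system() dies before the shell ever sees the string.
sub naive_attempt {
    my ($raw) = @_;
    my $ok = eval { system("/bin/echo $raw"); 1 };
    return $ok ? 'ran (input was not tainted)' : "blocked by -T: $@";
}

# The safe path: untaint first, then use the list form of system(), which
# execs the program directly so ';', '|', backticks etc. are never parsed.
sub run_lookup {
    my ($raw) = @_;
    my $clean = untaint_name($raw);
    return "rejected: '$raw'" unless defined $clean;
    my $rc = system('/bin/echo', 'looking up', $clean);
    return $rc == 0 ? "ran with '$clean'" : "echo failed, status $?";
}

for my $in (@inputs) {
    printf "input %-18s tainted=%d\n", "'$in'", tainted($in) ? 1 : 0;
    print '  naive : ', naive_attempt($in), "\n";
    print '  safe  : ', run_lookup($in),   "\n";
}
```

With the arguments from the comment, `naive_attempt` is blocked for every value because the interpolated string is tainted, while `run_lookup` only runs for `report_2008`; `report;ls` and `../etc/passwd` fail the allowlist and are rejected without any program being started. The list form of `system()` is worth keeping even for untainted values, since it removes the shell from the picture regardless of what the regex allowed through.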
_______________________________________________
Mason-users mailing list
https://lists.sourceforge.net/lists/listinfo/mason-users
