> -----Original Message-----
> From: Stas Bekman [mailto:[EMAIL PROTECTED]]
> Sent: Monday, June 05, 2000 12:19 PM
> To: Geoffrey Young
> Cc: '[EMAIL PROTECTED]'; 'Vivek Khera'; 'Matt Sergeant'
> Subject: Re: [new module] Apache::Dispatch
>
>
> On Mon, 5 Jun 2000, Geoffrey Young wrote:
>
> > hi all...
> >
> > I'm not sure if some you remember the idea Vivek and Matt
> had about creating
> > a handler that mapped, say, http://localhost/Foo/doit to Foo->doit()
> >
> > anyway, the relevant part of the thread, including some
> code, can be seen
> > here:
> > http://marc.theaimsgroup.com/?l=apache-modperl&m=95598609306936&w=2
> >
> > I was thinking of officially implementing the idea and
> wanted to get some
> > design feedback first...
> >
> > My thoughts so far:
> >
> > * limit the response to content handling phase only
> (I'm not really
> > sure of what utility other phases would be anyway)
> >
> > * limit the top-level qualifier for the module that can
> be executed,
> > but give this control to the user.
> > perhaps using PerlAddVar to allow only Apache::, Foo::, etc
> > modules only is safe enough?
>
> Geoff,
> I think you will open a Pandora box by releasing this module.
> I don't see
> it'd give some real savings, but users will get hurt, badly.
well, it was the article in this month's LJ that made me think of it
again...
http://www2.linuxjournal.com/lj-issues/issue74/4002.html
of course, while I don't share his views stated in the third and fourth
paragraphs, I thought answersing those types of concerns would be a
benefit...
> You
> shouldn't let the control into user hands! (I mean the clients!) There
> will be alway a module that you will not know about, or a
> function/method
> inside it you won't think about.
>
> How Randal used to say: Dangerous, Willis? or was it Robinson :)
Danger Will Robinson :)
>
> Personally I'm against this idea. Unless you allow only a list of
> specified Module::method (s), but even then things will get
> modified the
> original intention forgotten, systems hacked and ruined.
ok, I never claimed to be a security expert, and we certainly don't want to
expose mod_perl or give it a bad name. However, if the client/user uses the
module parameters to expose his system, does that mean that the module is a
bad idea?
but I don't see that by allowing only Apache:: modules adds a security risk
(but I don't tear apart systems for a living :)
--Geoff
>
> > * if possible, I'd like to see it make some intelligent
> decisions
> > about whether it should take over the request.
> > that is, perhaps move away from a <Location>
> restriction and try
> > to call Foo->doit() if the normal resoltion /Foo/doit
> results in a 404.
> > I'm not sure how this would interact with mod_dir, but I
> guess it would also
> > depend on how folks want to use it...
> >
> > * do we want to default to handler()? if so, what to try first:
> > Foo::doit->handler() or Foo->doit()
> >
> > anyway, that's all for now... feedback/thoughts welcome...
> >
> > --Geoff
> >
> >
>
>
>
> _____________________________________________________________________
> Stas Bekman JAm_pH -- Just Another mod_perl Hacker
> http://stason.org/ mod_perl Guide http://perl.apache.org/guide
> mailto:[EMAIL PROTECTED] http://perl.org http://stason.org/TULARC
> http://singlesheaven.com http://perlmonth.com http://sourcegarden.org
>
