> -----Original Message-----
> From: Ken Williams [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 06, 2000 12:38 AM
> To: Christopher Lee
> Cc: [EMAIL PROTECTED]
> Subject: Re: Apache::Dispatch
>
>
> [EMAIL PROTECTED] (Christopher Lee) wrote:
> >There's a real live working example if anybody wants it, called "Wing",
> >available from your local friendly CPAN.
> >
> >The module is used as an IMAP interface but the main module handles everything
> >except logins, the url is used to pass commands around, the one I'm looking at
> >at the moment is
> >
> >http://server1.herald.ox.ac.uk/wing/cmd/ball0000/x/compose
> >
> >The "wing/cmd" tells the module that this is a call for the function called
> >(in this case) "cmd_compose" with the parameters "ball0000" (a username)
> >(x is a dummy used for other functions I think).
> >
> >Internally the module takes 'compose' and prefixes it with 'cmd_',
> >evals the string as a soft reference to a function and returns an error
> >code if the function doesn't exist, or runs the function if it does.
> >
> >It only lets a strict subset of functions run (it always appends a "cmd_" to
> >the name) so internal functions are safe.
Well, if we somewhat limited ourselves, we could only call handler()
routines. Thus localhost/Custom would call Custom->handler() and that would
be the end. I don't think the drawbacks of having one function per module
will really be that bad, since we're only talking about the content handling
phase...
>
>
> That step is *crucial* to the security of the system. Without it,
> browsers could call any method in the module, including ones that aren't
> meant to be called. D, W.R.!
>
> By specifying the cmd_ prefix you're essentially adding a "public"
> declaration to these subroutines, albeit a fairly ugly one.
>
> In general, when accepting arbitrary user input you want to make sure
> there are only a very few access points to the code, then make sure you
> have very tight validation of the data in those access points. Taint
> mode comes to mind as one tool in the belt.
Right, except that you can't code a module in taint mode, you have to rely
on the user setting PerlTaint On (right?)
>
>
> ------------------- -------------------
> Ken Williams Last Bastion of Euclidity
> [EMAIL PROTECTED] The Math Forum
>
>
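The cmd_ prefix scheme from the quoted description, as an added example that is not Wing's or Apache::Dispatch's own code; the package name, sub names and URL paths are constructed for illustration. It does what the quote describes (prefixes the URL's last segment with cmd_ and returns an error if no such sub exists), but resolves the name through can() instead of a string eval and validates the whole path at the single access point before the name is ever used.

```perl
#!/usr/bin/perl
use strict;
use warnings;

package Wing::Demo;   # constructed package name, not the real Wing module

# "Public" commands: the cmd_ prefix is what makes a sub reachable from a URL.
sub cmd_compose { my ($user) = @_; return "compose form for $user" }
sub cmd_list    { my ($user) = @_; return "folder list for $user" }

# Internal helper: no cmd_ prefix, so no URL can ever select it.
sub expunge_all { my ($user) = @_; return "expunged everything for $user" }

# Map "/wing/cmd/<user>/<dummy>/<command>" to a cmd_<command> sub.
# Returns (status, body): 400 for a malformed path or name, 404 if no
# such cmd_* sub exists, 200 with the sub's result otherwise.
sub dispatch {
    my ($path) = @_;

    # One access point, tightly validated: exactly three path segments,
    # identifier characters only. Under taint mode (perl -T) these regex
    # captures are also what untaints the values before they are used.
    my ($user, $cmd) =
        $path =~ m{^/wing/cmd/([A-Za-z0-9_]+)/[^/]+/([a-z][a-z0-9_]*)$}
        or return (400, 'bad request');

    # Resolve the name through the symbol table instead of string-eval'ing
    # a soft reference; only an existing cmd_* sub can come back.
    my $code = __PACKAGE__->can("cmd_$cmd")
        or return (404, "no such command: $cmd");

    return (200, $code->($user));
}

package main;

# Constructed sample requests: one valid command, one attempt to reach an
# internal sub (404, never called), one malformed path (400).
for my $url ('/wing/cmd/ball0000/x/compose',
             '/wing/cmd/ball0000/x/expunge_all',
             '/wing/cmd/ball0000/x/../compose') {
    my ($status, $body) = Wing::Demo::dispatch($url);
    print "$status $url => $body\n";
}
```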