I agree about the CGI stuff, as the username should always be the same
anyway, so it can be defined separately for that user. I do believe that we
need to at least take CGI scripts into account, however.
Some questions:
1.> you wrote: "Generally speaking we ought to have the capability to use or
not use any of the opcodes" - I'm not entirely sure what you mean by this. Are
you saying that the admin should have the ability to limit this, or the
developer/user (or not at all)?
2.> What do you mean by 'crockable'(I've never heard the term)?
Some comments:
1.> "Content-Length", although CGI-specific, is a big hole. It probably should
be handled by the webserver, but it isn't, and almost none of the scripts that
I have encountered check it before reading. I realize that it's not 'Perl's
fault', but why purposely leave a hole open?
2.> I'm not a DBA, so I put the DBI stuff in there because I wasn't aware that
DBs could limit functionality based upon a program name. I don't really know
anything about DBA, so I probably should have kept my mouth shut.
As far as the suggestions being primitive, you're right. They are really
just some thoughts that have been voiced, and it's only intended to get people
talking about it. Even still, it's miles ahead of what we have now ;). As time
allows, I will make every effort to look into other security models and try to
patch together some general idea of what this thing should do (I hope others
will, too), and maybe how it should do it. I'm not a security guru by any
stretch, and don't expect to be one anytime soon.
If you have any suggestions as to where you think it should move, or perhaps
even some existing models that you like, please let me know, and I'll take a
look. In all honesty, it might be better left to a security expert, but I'll be
happy to struggle through until one comes along.
Thanks for the comments,
Grant M.
