Jesse Alama writes: > On 2 Sep 2018, at 3:05, Christopher Lemmer Webber wrote: > >> http://localhost:34691/servlets/standalone.rkt;(("k" . "(1 1 2810783)")) >> >> That's the id used to retrieve the continuation, right? Presumably >> this >> is effectively the session of something someone is doing that's >> important. This doesn't look very high entropy... I'm guessing I >> could >> manage to intercept someone's continuation/session. A very large >> random >> number would be needed to prevent this. > > Another consideration here is to use HTTPS. That way, the URL is not > exposed: even if I were eavesdropping on your connection, I wouldn't > have the URL. (I *would* be able to know that you're contacting a > certain server on a particular port, but that falls short of knowing > the URL being accessed.)
Hi, Just FYI the attack I described assumed HTTPS. The attack is that you know a URL where these continuation-session URLs are accessed and you guess numbers within the range until you hit a session. Within high enough entropy this shouldn't be a problem, but the default continuation manager appears to use a combination of a linearly increasing id and (random 100000000) for the "salt". I think 2^128 random bytes is considered best practice for today, at which case the linearly increasing id could also be simply dropped. It does look like the continuation manager is configureable though, which I had not seen previously. So I think it would be possible to add a more secure manager which uses this behavior. -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
