Hi, 

Would Ur with its native JS security features (protection from XSS code 
injection, etc.) help or eliminate any of the problems outlined in the following 
papers?

    http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto/

    http://blog.cryptographyengineering.com/2012/12/the-anatomy-of-bad-idea.html

From the Ur FAQ:

Which classes of security vulnerabilities are ruled out automatically?

All of the following are only true up to the lack of bugs in the compiler, but, 
with a correct compiler, you shouldn't need to worry about accidentally writing 
an application that's susceptible to any of them.

Buffer overflows should be impossible, as in all type-safe languages.

Vulnerabilities arising from automatic run-time interpretation of strings as 
code should be impossible. You won't get any interpretation of strings unless 
you write an interpreter yourself! All of the following have special static 
types that guarantee well-formedness: HTML, SQL, URLs, MIME types, CSS class 
names. A whitelist of allowable patterns may be specified in a central place 
for URLs and MIME types, making it impossible for applications to contain links 
via dangerous protocols or return file data with dangerous MIME types (like any 
kind of code that the browser might run). This simple no-interpretation 
principle rules out the first 3 of OWASP's Top 10 2007 vulnerabilities: cross 
site scripting, injection flaws, and malicious file execution.

Most kinds of cross site request forgery are impossible. Ur/Web detects which 
pages could both read cookies and cause side effects. Any request for such a 
page automatically contains a cryptographic signature of all cookies that might 
be read. Ur/Web currently doesn't support any kind of persistent client state 
besides cookies, so some fairly serious client-side acrobatics would be needed 
to circumvent the signature scheme.

--
Burton Samograd
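The FAQ paragraph on "no interpretation of strings" is easiest to see in code. The
following is an added illustration written for this post in Python, not Ur/Web code
and not from the Ur project: Ur enforces the separation at compile time with its
static HTML and URL types, whereas here runtime classes (Html, Url), the constructor
names (text, tag, url, link) and the scheme whitelist are all assumptions of the
example. The point it shows is that the only path from a plain string to Html is an
escaping constructor, and the only path to a Url goes through a central whitelist,
so untrusted data can never be read as markup or as a link to a dangerous protocol.

```python
"""Type-level separation of text from HTML and URLs, standing in for the
static types the Ur FAQ describes.  Illustrative example only."""
from dataclasses import dataclass
from html import escape
from urllib.parse import urlsplit

# Constructed whitelist, the analogue of Ur's central list of allowable URL
# patterns.  The empty scheme admits relative links such as "/account".
ALLOWED_SCHEMES = frozenset({"", "http", "https", "mailto"})


@dataclass(frozen=True)
class Html:
    """Well-formed HTML.  Only the constructors below produce one; there is
    deliberately no way to wrap an arbitrary str as Html."""
    markup: str


@dataclass(frozen=True)
class Url:
    """A URL whose scheme has passed the whitelist."""
    value: str


def text(s: str) -> Html:
    """The single path from str to Html: every special character is
    escaped, so user data is always rendered as literal text."""
    return Html(escape(s, quote=True))


def tag(name: str, *children: Html, **attrs: str) -> Html:
    """Build an element from Html children and escaped attribute values.
    Tag and attribute names come from the developer, never from input."""
    for child in children:
        if not isinstance(child, Html):
            raise TypeError("children must be Html, not %s" % type(child).__name__)
    attr_str = "".join(' %s="%s"' % (k, escape(v, quote=True)) for k, v in attrs.items())
    body = "".join(c.markup for c in children)
    return Html("<%s%s>%s</%s>" % (name, attr_str, body, name))


def url(s: str) -> Url:
    """Admit a URL only if its scheme is on the whitelist; anything else
    (e.g. a script-bearing scheme) is rejected before it can become a link."""
    scheme = urlsplit(s).scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError("scheme %r not allowed" % scheme)
    return Url(s)


def link(target: Url, label: Html) -> Html:
    """An anchor can only be built from a checked Url and an Html label."""
    return tag("a", label, href=target.value)


def render_comment(author: str, body: str) -> str:
    """Render two untrusted comment fields.  Both pass through text(), so a
    body like '<script>' reaches the page as the characters, not a tag."""
    return tag("div", tag("b", text(author)), text(body)).markup


if __name__ == "__main__":
    print(render_comment("mallory", "<script>"))
    print(link(url("https://example.com/?a=1&b=2"), text("docs")).markup)
```

What Ur adds over this sketch is that the checks happen at compile time: passing a
string where Html is expected is a type error, so the application cannot be built,
rather than a runtime exception that depends on every call site being exercised.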

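The CSRF paragraph of the FAQ describes a concrete mechanism: pages that both read
cookies and cause side effects get a cryptographic signature of those cookies
attached to every request for them. The following is an added Python sketch of that
scheme, written for this post; it is not Ur/Web's implementation, and the Page
model (with reads_cookies and has_side_effects standing in for what the compiler
detects), the HMAC-SHA256 message layout, the request dictionary and the key are all
assumptions of the example. It shows why a cross-site request fails: the browser
still attaches the cookie, but the forged form was built without knowing the
cookie's value and so cannot carry a matching signature.

```python
"""Cookie-signature CSRF defense modelled on the Ur FAQ description.
Illustrative example only; names and encoding are assumed."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, FrozenSet, Mapping

# Constructed server-side key; a real deployment would generate and store
# this secret, it is inline here only so the example runs stand-alone.
SERVER_KEY = b"constructed-example-key-do-not-reuse"


@dataclass(frozen=True)
class Page:
    """What the compiler is assumed to know statically about a page."""
    name: str
    reads_cookies: FrozenSet[str]  # cookies the page might read
    has_side_effects: bool

    @property
    def needs_signature(self) -> bool:
        # Exactly the condition in the FAQ: reads cookies AND has side effects.
        return bool(self.reads_cookies) and self.has_side_effects


def sign_cookies(key: bytes, page: Page, cookies: Mapping[str, str]) -> str:
    """HMAC over the cookies this page might read, in a canonical order."""
    msg = "\n".join("%s=%s" % (n, cookies.get(n, ""))
                    for n in sorted(page.reads_cookies))
    return hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()


def build_request(key: bytes, page: Page, cookies: Mapping[str, str]) -> Dict[str, str]:
    """Emitted by the server when it renders a link or form to `page`.
    The signature is added automatically; the application author does
    nothing, which is the FAQ's 'automatically contains' property."""
    req = {"page": page.name}
    if page.needs_signature:
        req["sig"] = sign_cookies(key, page, cookies)
    return req


def handle(key: bytes, page: Page, cookies: Mapping[str, str], req: Mapping[str, str]) -> bool:
    """Server side: accept the request only if the signature it carries
    matches the cookies the browser actually sent with it."""
    if not page.needs_signature:
        return True  # read-only or cookie-free pages need no check
    expected = sign_cookies(key, page, cookies)
    return hmac.compare_digest(expected, req.get("sig", ""))


# Constructed pages: a side-effecting transfer page and a read-only view.
TRANSFER = Page("transfer", frozenset({"session"}), True)
VIEW = Page("view", frozenset({"session"}), False)


def demo() -> Dict[str, bool]:
    """Run the scenarios and return which requests were accepted."""
    cookies = {"session": "abc123"}  # what the victim's browser holds
    legit = build_request(SERVER_KEY, TRANSFER, cookies)
    # A cross-site form is produced by a server that never saw the cookie
    # value, so it can at best omit or guess the signature.
    cross_site = {"page": "transfer"}
    return {
        "legitimate": handle(SERVER_KEY, TRANSFER, cookies, legit),
        "cross_site": handle(SERVER_KEY, TRANSFER, cookies, cross_site),
        "read_only_no_sig": handle(SERVER_KEY, VIEW, cookies, {"page": "view"}),
    }


if __name__ == "__main__":
    print(demo())
```

Because the signature is bound to the cookie values rather than to a per-form
token, a request signed under one session's cookie is also rejected when replayed
with another session's cookie, which is the property the FAQ relies on when it says
client-side acrobatics would be needed to get around it.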

_______________________________________________
Ur mailing list
[email protected]
http://www.impredicative.com/cgi-bin/mailman/listinfo/ur