PerlMonks  

Re: Re: 'Restricted' data, a clarification

by jarich (Curate)
on Feb 13, 2004 at 00:22 UTC


in reply to Re: 'Restricted' data, a clarification
in thread 'Restricted' data, an additional security mechanism for Perl.

I'm sorry if I still haven't been clear on this. The purpose of this idea is not to address theft of credit card data from the internet. It doesn't even have to relate to credit card data.

I would never, ever recommend storing credit card data in a database. Perhaps I should have included the following in my example:

    my $sth = $dbh->prepare("insert into credit_cards values (?, ?)");
    $sth->execute($credit_card, $expiry); # NOT ALLOWED dies

Because we have not said that $dbh is allowed to take CreditCard types it would be ideal if we could actively prevent it from doing so. I don't think that this will be easy, it may even be impossible, but it would be ideal.

Nothing can stop the sysadmin from reading the script and taking the password (well, except professional ethics). In fact, nothing can stop the sysadmin from editing the script to remove the restrictions. Restricting data for this purpose would be a waste of time.

As I said in my reply to flyingmoose, the purpose of this idea is to assist programmers to write more secure code. Code which spews data (which should be restricted) to log files (or even worse browsers) when things go wrong has serious security flaws. Of course the correct thing to do is make sure that your code doesn't spew this kind of information to insecure locations ever, but mistakes happen. I'd rather be told by a client that under this particular condition my code always dies than discover months later that under that particular condition my publicly accessible cgi-script dumps half the client's database to the browser.

I don't mean to suggest this idea as a replacement of a good security model. Using restricted data doesn't get you out of using strict and warnings, it doesn't remove your need to use taint checking, to set your $ENV{PATH} or even to decide which output paths can accept your restricted data. It doesn't guarantee that your restricted data will be properly restricted even - because that depends on you using it properly. All it does for you is add another level of assistance against the mistakes that you will probably make.

I hope this makes more sense to you now.

jarich
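
The behaviour described in the post above, as an added example that is not jarich's code and not an existing module: a value that dies when it is stringified and can only be read by a sink named when it was created. The `Restricted` package, its `reveal_to` method, the sink names and the card number are all assumptions made for this illustration.

```perl
use strict;
use warnings;

package Restricted;    # hypothetical class, not an existing CPAN module

# Any implicit string use (interpolation, print, eq, concatenation) dies.
use overload
    '""'   => sub { die "restricted $_[0]{type} value used as a string\n" },
    'bool' => sub { 1 };    # plain truth tests stay harmless

sub new {
    my ($class, $type, $value, @sinks) = @_;
    # The value lives in a closure, so a stray Data::Dumper call on the
    # object shows a code reference rather than the secret itself.
    return bless {
        type    => $type,
        allowed => { map { $_ => 1 } @sinks },
        fetch   => sub { $value },
    }, $class;
}

# The only way to get the raw value: name a sink that was explicitly allowed.
sub reveal_to {
    my ($self, $sink) = @_;
    die "sink '$sink' may not receive $self->{type} data\n"
        unless $self->{allowed}{$sink};
    return $self->{fetch}->();
}

package main;

# Constructed test value; only the (hypothetical) 'gateway' sink may see it.
my $card = Restricted->new(CreditCard => '4111111111111111', 'gateway');

my %attempt = (
    'payment gateway' => sub { length $card->reveal_to('gateway') },
    'database insert' => sub { $card->reveal_to('database') },
    'debug log line'  => sub { my $line = "charging card $card"; $line },
);

for my $name (sort keys %attempt) {
    my $result = eval { $attempt{$name}->() };
    my $outcome = defined $result ? "ok ($result)\n" : "died: $@";
    print "$name: $outcome";
}
```

Code that calls `reveal_to` with an allowed sink and then logs the returned string is not caught, so this guards against accidental leaks only.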
