Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things

Re: Forgetting your good education

by Anonymous Monk
on Mar 08, 2003 at 21:10 UTC ( #241433=note: print w/replies, xml ) Need Help??

in reply to Forgetting your good education
in thread Writing a perl quiz. Need advice.

The reason to remove fatalsToBrowser is that you know something about security and you are not an idiot. Let me be clear. I am not saying that you are an idiot. I am saying that you have something basic to learn about security. Please learn it from my post and then stop giving dangerously bad advice.

The purpose of fatalsToBrowser is to provide useful debugging information in the browser. This speeds up development. However it means that if someone finds "unexpected behaviour" in your application, they can use your debugging information to get insight into how your application works, and then use that to fine-tune an attack.

For a common example, suppose that you interface with a database. And, as happens depressingly often, you don't quote a field that shows up in an SQL query. You now suffer from the possibility of an SQL injection attack - someone can enter in anything they want and have it become part of your SQL. If they can figure out the right thing, they can get "interesting results". (Such as downloading your credit card data. Or taking over your database server.)

Now obviously this is much easier if they can find out something about the structure of the query that they are breaking. And something about your database. Which is far, far easier if you provide useful debugging information in the browser. See, for instance, (or many other pages on SQL injection at Google) for how an attacker can use debugging information to keep on escalating an attack until they can get anything they want from your database.

Not publically providing debugging information doesn't fix the bug, but it does make it a lot harder to exploit. It often makes the difference between a minor intrusion and a serious problem.

So how do you do this with minimal impact on your ability to debug? The answer is simple. You make fatalsToBrowser be something that is readily flipped in your code. Preferably either in a configuration variable that differs between production and development, or as something that your standard build process does. That way you get all of the benefits while developing or whenever you need it in production, but without making an attacker's life any easier than it has to be.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://241433]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (4)
As of 2022-08-11 22:54 GMT
Find Nodes?
    Voting Booth?

    No recent polls found