Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling

Re: Security, root and CGI?

by Anonymous Monk
on Jan 29, 2009 at 00:15 UTC ( #739738=note: print w/replies, xml ) Need Help??

in reply to Security, root and CGI?

Some web hosting control panels work this same way: Monster Controls is just one that comes to mind. Your approach with the various components has been done before and it makes sense. Since security is #1, your service should only accept instruction verified to have come from the cgi and that it came from an authorized user (you). You might be able to do this with public / private key crypto: Provide your application your private key (or your passphrase to your private key) to encrypt messages bound for the service, and let the service decrypt messages with your public key. The question then becomes how much do you trust your cgi application? Or your browser? But I think that's a different topic - if somebody compromised the cgi, they could capture your passphrase or key, and if somebody compromised your browser (desktop), they could key-log your passphrase / key.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://739738]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (5)
As of 2018-06-22 06:36 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (122 votes). Check out past polls.