Re: [Perlplusplugin-developers] authorization?
Status: Beta
Brought to you by:
fholtry
From: Frank H. <fh...@av...> - 2000-09-13 21:02:32
|
Dmitry, As Steve pointed out, we do use Opcode to provide some increased security for applications other than Tk. But Tk makes extensive use of eval, which is about as wide open a security hole as Perl provides. If your library can avoid using the more dangerous Perl opcodes,then you could definitely use Opcode for security. Another alternative I looked into and even experimented with a little is what Scriptics uses for Tcl/Tk. It's a custom interpreter embedded in the plugin that only recognizes the 'safe' subset of Tcl commands. It also handles events differently to avoid the problem of two event loops trying to maintain control simultaneously (one in Netscape, one in the plugin). You might find their approach interesting. You can get the source from http://dev.scriptics.com/software/plugin. I'm also looking at providing signed applications using pgp. This won't make the application any more secure, but if it's done correctly, it will make it possible to identify the author and place responsibility on them for any problems. BTW, Steve, it occurs to me that I haven't really told you what Dmitry is doing. I apologize for that; it would have made this discussion more understandable. He can fill you in on the details, but essentially they're building a non-Tk Perl gui library. He's interested in the plugin for it and volunteered to work on the Win32 version. Frank On 13 Sep 2000 Dmi...@pl... wrote: > >Hi! > > During my code digging with the plugin, I disabled the authorization >feature (just to make my work simplier). But from my point of view, this >part is not necessary at all - of course, protection is a tough problem, >but I don't think it should be solved like this. I would suggest rather >java-like protection, when no local operations are permitted ( >feasuble with -T and/or use Opcode). And, the additional security >settings would be accessible for locally - like, MSIE does, assigning >different site groups to the different security groups. > > What would you say if I try to implement this scheme instead of >cgi-authorization? The reason I want to do this hard way is that I >would like to re-write both win32 and X parts, merging the code from >both platforms. > > -- ------------------------------------------------------------------------------- | Frank Holtry | "If you have the right attitude, interesting | | fh...@av... | problems will find you." | | | Eric S. Raymond | ------------------------------------------------------------------------------- |