Re: [Perlplusplugin-developers] authorization?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Dmitry,
As Steve pointed out, we do use Opcode to provide some increased
security for applications other than Tk.  But Tk makes extensive use of
eval, which is about as wide open a security hole as Perl provides.  If
your library can avoid using the more dangerous Perl opcodes,then you
could definitely use Opcode for security.  

Another alternative I looked into and even experimented with a little is
what Scriptics uses for Tcl/Tk.  It's a custom interpreter embedded in
the plugin that only recognizes the 'safe' subset of Tcl commands.  It
also handles events differently to avoid the problem of two event loops
trying to maintain control simultaneously (one in Netscape, one in the
plugin).  You might find their approach interesting.  You can get the
source from http://dev.scriptics.com/software/plugin.

I'm also looking at providing signed applications using pgp.  This won't
make the application any more secure, but if it's done correctly, it
will make it possible to identify the author and place responsibility on
them for any problems.

BTW, Steve, it occurs to me that I haven't really told you what Dmitry
is doing.  I apologize for that; it would have made this discussion more
understandable.  He can fill you in on the details, but essentially
they're building a non-Tk Perl gui library.  He's interested in the
plugin for it and volunteered to work on the Win32 version.

Frank

On 13 Sep 2000 Dmi...@pl... wrote:

 >
 >Hi!
 >
 >    During my code digging with the plugin, I disabled the authorization
 >feature (just to make my work simplier). But from my point of view, this
 >part is not necessary at all - of course, protection is a tough problem,
 >but I don't think it should be solved like this. I would suggest rather
 >java-like protection, when no local operations are permitted ( 
 >feasuble with -T and/or use Opcode). And, the additional security 
 >settings would be accessible for locally - like, MSIE does, assigning
 >different site groups to the different security groups. 
 >
 >  What would you say if I try to implement this scheme instead of
 >cgi-authorization? The reason I want to do this hard way is that I 
 >would like to re-write both win32 and X parts, merging the code from
 >both platforms.  
 >
 >

-- 
-------------------------------------------------------------------------------
| Frank Holtry           | "If you have the right attitude, interesting       |
| fh...@av...      |  problems will find you."                          |
|                        |                            Eric S. Raymond         |
-------------------------------------------------------------------------------