perlplusplugin-developers

[Perlplusplugin-developers] authorization?

[<Dmi...@pl...>]

Hi!

    During my code digging with the plugin, I disabled the authorization
feature (just to make my work simplier). But from my point of view, this
part is not necessary at all - of course, protection is a tough problem,
but I don't think it should be solved like this. I would suggest rather
java-like protection, when no local operations are permitted ( 
feasuble with -T and/or use Opcode). And, the additional security 
settings would be accessible for locally - like, MSIE does, assigning
different site groups to the different security groups. 

  What would you say if I try to implement this scheme instead of
cgi-authorization? The reason I want to do this hard way is that I 
would like to re-write both win32 and X parts, merging the code from
both platforms.  

-- 
Sincerely,
	Dmitry

Re: [Perlplusplugin-developers] authorization?

[Steve L. <so...@le...>]

Dmi...@pl... wrote:
> 
> Hi!
> 
>     During my code digging with the plugin, I disabled the authorization
> feature (just to make my work simplier). But from my point of view, this
> part is not necessary at all - of course, protection is a tough problem,
> but I don't think it should be solved like this. I would suggest rather
> java-like protection, when no local operations are permitted (
> feasuble with -T and/or use Opcode). And, the additional security
> settings would be accessible for locally - like, MSIE does, assigning
> different site groups to the different security groups.
> 
>   What would you say if I try to implement this scheme instead of
> cgi-authorization? The reason I want to do this hard way is that I
> would like to re-write both win32 and X parts, merging the code from
> both platforms.

Besides CGI authorization, Frank already has opcode restrictions - in fact
the cgi program is responsible for assigning the opcode security level!
The problem appears to be that to do anything useful in Tk you need to
allow many of the "evil" opcodes.....

Steve