Menu
▾
▴
Re: [webmin-devel] good security practice for developping modules ?
|
From: Jamie C. <jca...@we...> - 2004-10-18 00:46:15
|
On Mon, 2004-10-18 at 03:15, kardiac wrote:
> Hi,
>
> I am not really a developer (so my question is maybe obvious) but i
> develop actually a webmin module. And i would know if it has anywhere a
> document describing how securing a webmin module or some good practice
> to respect?
> I have too read (in perl cookbook by example) than for writing a secure
> perl CGI it's preferable to use "use strict;" and -w and -T flag on #!
> line (at minimum).
> I have check in webmin modules and i have see it didn't use that and i
> don't know why. It's because webmin work with ACL and if user has ACL
> rights then no need for enforcing security in modules ?
The biggest security concern is allowing un-trusted users access to a
module with limited privileges. If you module has an acl_security.pl
script that allows individual Webmin logins to be given different access
rights, you need to be very careful in your code that restricted users
cannot exceed their granted privileges. This means that all form input
has to be carefully checked, to ensure that it cannot be manipulated to
access arbitrary files on the system or run commands.
For example, if your module contained a form that allowed some file in
/usr/local/blah to be deleted, code like this could be dangerous :
&ReadParse();
system("rm -f /usr/local/blah/$in{'file'}");
Because a filename with .. in it could be used to delete any file on the
system. And a filename with
better to use code like this :
&ReadParse();
$in{'file'} !~ /\.\./ && $in{'file'} !~ /\// || &error("Invalid
filename");
unlink("/usr/local/blah/$in{'file'}");
- Jamie
|
