 Posted by Rory Browne on 07/08/05 22:44 
Okay: 
 
From what I've read here, there seems to be a lot of useful 
information - very little of which is relevant to the question. 
 
My understanding is that you (the OP) have a template-editing page, 
which your designers can log into in order to edit the page, without 
having ftp/sftp access? 
 
It is reasonably possible to secure this, and you seem to have the 
gist of what is necessary. In fact you seem a little paranoid (that's a 
good thing). 
 
For a list of what to check and what not to check, one good place to 
start would be to go through a PHP info page, pick out what is 
useful (for verification) and leave behind what isn't. 
 
One possible step to secure against brute-force is to use captchas. 
 
What you will ultimately have to accept is that no matter how much 
you secure a computer, it will never be completely secure - no matter 
what. 
 
 
On 7/8/05, Ezra Nugroho <enugroho@spikesource.com> wrote: 
>  
> True. People can steal sessions within a firewall as well. 
>  
> Unless browsers can do digital signatures, there is no good way to 
> validate users. 
>  
> I think you would agree that for now it comes down to two choices: 
> 1. Focus on convenience, let security slack a little or 
> 2. Focus on security, and tolerate some inconvenience. 
>  
>  
> W3C, please do something!! 
>  
>  
>  
> On Fri, 2005-07-08 at 14:53 -0400, Michael Caplan wrote: 
> > I was just reading a thread on the PHPSEC list, where one of the developers 
> > of FUD Forums (Ilia) was mentioning his experience with AOL users.  He 
> > claims that IPs can change as frequently as every request to the server. 
> > I've also noted similar (but not as drastic) effects.  IPs are really not a 
> > good fingerprint for a user, unless you are fine with invalidating users on 
> > a frequent basis. 
> > 
> > Michael 
> > 
> > > -----Original Message----- 
> > > From: Ezra Nugroho [mailto:enugroho@spikesource.com] 
> > > Sent: Friday, July 08, 2005 11:49 AM 
> > > To: Michael Caplan 
> > > Subject: RE: [PHP] Re: Security, Late Nights and Overall Paranoia 
> > > 
> > > True, but it's better than nothing. 
> > > 
> > > IP doesn't change that often, maybe at worst once every hour. 
> > > Sensitive cookies should not live that long anyway. 
> > > 
> > > It's not a great solution, but it's something. 
> > > 
> > > 
> > > 
> > > On Fri, 2005-07-08 at 14:41 -0400, Michael Caplan wrote: 
> > > > IPs are unreliable.  An IP will change frequently if a user travels through 
> > > > a proxy pool, like AOL users, or just about any user from a large ISP. 
> > > > 
> > > > Michael 
> > > > 
> > > > > -----Original Message----- 
> > > > > From: Ezra Nugroho [mailto:enugroho@spikesource.com] 
> > > > > Sent: Friday, July 08, 2005 11:25 AM 
> > > > > To: Edward Vermillion 
> > > > > Cc: php Lists 
> > > > > Subject: Re: [PHP] Re: Security, Late Nights and Overall Paranoia 
> > > > > 
> > > > > 
> > > > > Here is one security measure that you HAVE to do if you allow people to 
> > > > > submit content to your site. 
> > > > > 
> > > > > 
> > > > > 1. track client's IP. 
> > > > > 2. Associate sensitive cookies with the IP; if they don't match, ignore 
> > > > > it or invalidate the cookie. 
> > > > > 
> > > > > We may not stop the information redirection. 
> > > > > We can make the information invalid. 
> > > > > 
> > > > > 
> > > > > Regards, 
> > > > > 
> > > > > Ezra 
> > > > > 
> > > > > 
> > > > > 
> > > > > On Fri, 2005-07-08 at 12:31 -0500, Edward Vermillion wrote: 
> > > > > > On Jul 8, 2005, at 12:02 PM, Ezra Nugroho wrote: 
> > > > > > 
> > > > > > > 
> > > > > > > I am just wondering, how could someone craft an html to steal cookies? 
> > > > > > > If your cookie distribution is done right, I don't think you need to 
> > > > > > > worry about this. 
> > > > > > > 
> > > > > > 
> > > > > > That's what XSS is all about. I don't have the link handy but I do have 
> > > > > > a PDF file that I found a while back that explains how this happens, 
> > > > > > and to tell the truth, it scared the s*** outa me. 
> > > > > > To the point that I really don't trust any online commerce, although I 
> > > > > > do still use it, just as I still give the waitress/waiter my credit card 
> > > > > > at a restaurant, even though I know that's where most of the identity 
> > > > > > theft/stolen CC numbers come from. 
> > > > > > 
> > > > > > > There are a gazillion sites (CMS-based, wiki-based, etc., including 
> > > > > > > php.net) that allow users to contribute html. They are not concerned 
> > > > > > > about security of data delivery. 
> > > > > > 
> > > > > > Yeah I know... :P 
> > > > > > 
> > > > > > > 
> > > > > > > I think page-breaking html is a more prominent issue, which you could 
> > > > > > > eliminate with BBcode or wiki language. 
> > > > > > > 
> > > > > > > Perhaps you are being a little paranoid? 
> > > > > > > Or do I miss something? 
> > > > > > > 
> > > > > > 
> > > > > > So yeah, I'm being paranoid but I'm also trying to cover as many bases 
> > > > > > as I can and yet still provide some decent functionality. 
> > > > > > 
> > > > > > 
> > > > > > Edward Vermillion 
> > > > > > evermillion@doggydoo.net 
> > > > > > 
> > > > > 
> > > > > -- 
> > > > > PHP General Mailing List (http://www.php.net/) 
> > > > > To unsubscribe, visit: http://www.php.net/unsub.php 
> > > > 
> > > > 
> > > > 
>  
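The two measures argued over in this thread, pinning a session to the client IP and keeping the session cookie out of reach of injected script, as an added PHP example (this is not code from any of the posters; `check_credentials()` and the `SESSION_FP_SECRET` environment variable are assumed to be supplied by the application, and the user id 42 in the usage sketch is a placeholder). It deliberately leaves the IP out of the session fingerprint, since the thread's point is that proxy-pool users change IPs between requests, and relies instead on a short idle timeout, session ID regeneration at login, and HttpOnly/Secure cookie flags. HttpOnly keeps `document.cookie` from reading the cookie; it does not stop injected script from issuing requests as the logged-in user, so user-contributed markup still has to be escaped before it is echoed back.

```php
<?php
// Added example for this thread, not code from the original posts.
// Session hardening for a template-editing login:
//   1. cookie flags that keep the cookie out of document.cookie (HttpOnly),
//   2. session ID regeneration at login so a pre-login ID is worthless,
//   3. a fingerprint that does NOT pin the full client IP, because users
//      behind proxy pools (AOL-style) change IPs between requests,
//   4. escaping of user-contributed markup before it is echoed back.
// Assumptions (hypothetical): check_credentials() is supplied by the
// application; the site runs over HTTPS so the Secure flag does not lock
// users out; SESSION_FP_SECRET is a long random value set in the environment.

declare(strict_types=1);

const SESSION_MAX_IDLE = 900;   // 15 minutes idle; sensitive sessions stay short-lived

// Fingerprint: HMAC of the User-Agent under a server-side secret.  The IP is
// deliberately left out.  If you must include it, use a coarse prefix (e.g. the
// first two octets) and accept that proxy pools can still break it.
function session_fingerprint(array $server, string $secret): string
{
    $ua = $server['HTTP_USER_AGENT'] ?? '';
    return hash_hmac('sha256', $ua, $secret);
}

function start_hardened_session(): void
{
    // Array form of session_set_cookie_params() needs PHP >= 7.3.
    session_set_cookie_params([
        'lifetime' => 0,        // session cookie, discarded when the browser closes
        'path'     => '/',
        'secure'   => true,     // sent only over HTTPS
        'httponly' => true,     // not readable via document.cookie
        'samesite' => 'Strict',
    ]);
    ini_set('session.use_strict_mode', '1'); // reject IDs the server never issued
    session_start();
}

// Call only after credentials have been verified.
function login_user(int $userId, string $secret): void
{
    session_regenerate_id(true);  // fresh ID, old one deleted: blocks session fixation
    $_SESSION['uid']  = $userId;
    $_SESSION['fp']   = session_fingerprint($_SERVER, $secret);
    $_SESSION['seen'] = time();
}

// Returns the user id of a valid session, or null after destroying a bad one.
function current_user(string $secret): ?int
{
    if (!isset($_SESSION['uid'], $_SESSION['fp'], $_SESSION['seen'])) {
        return null;
    }
    $fresh = (time() - (int) $_SESSION['seen']) <= SESSION_MAX_IDLE;
    $fpOk  = hash_equals((string) $_SESSION['fp'], session_fingerprint($_SERVER, $secret));
    if (!$fresh || !$fpOk) {
        $_SESSION = [];
        session_destroy();
        return null;
    }
    $_SESSION['seen'] = time();   // sliding idle window
    return (int) $_SESSION['uid'];
}

// User-contributed text that is displayed back is escaped, never trusted.
// A BBcode or wiki converter would run on the output of this step, not before it.
function escape_for_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// --- Usage sketch (check_credentials() and the id 42 are placeholders) -----
// $secret = (string) getenv('SESSION_FP_SECRET');
// start_hardened_session();
// if (isset($_POST['user'], $_POST['pass'])
//     && check_credentials($_POST['user'], $_POST['pass'])) {
//     login_user(42, $secret);
// }
// $uid = current_user($secret);
// if ($uid === null) { header('Location: /login'); exit; }
// echo escape_for_html($_POST['template'] ?? '');
```

Brute-force protection (the captcha Rory suggests, or a per-account attempt counter) belongs in front of `check_credentials()`; the session code above assumes that check has already passed.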