Re: Please help me with turning off unneeded daemons.

I wrote:
> Depending on what you're developing, I'd recommend stopping this
> computer serving to the Internet until you've got the stuff debugged,
> and checked for logic holes...

barophobia wrote:
> I'm not fluent enough I think to find "logic holes" so I'll just have
> to do what I know (turn stuff off, use strong passwords, restrict
> firewall to minimum requirements, etc.).

Logic holes in what you've written.

For example, is there any way that user input could be used to specify a
file? Could you end up with a URL that reads ...?filename=misc ?

In which case, you need to be absolutely sure that there is *no* *way* a
remote user can encode dots or slashes in that filename. Otherwise, they
can use weird encodings to specify "../../../etc/shadow" (or whatever).

Given one person running this as root (and probably without SELinux), an
attacker may be able to retrieve their encrypted passwords. One
dictionary attack later, and one open SSH port, and the attacker is in.

That's just one hole. There's always one you haven't thought of: are you
paranoid enough that your code will check it anyway?

If you're not fluent enough to handle this, your only options are to
learn, or keep this off the Internet. It's a harsh Internet.

(It may be apparent that I don't, in fact, do PHP programming!)

James.

-- 
E-mail address: james | Am I alone in receiving so much junk mail? Can these
@westexe.demon.co.uk  | people not get it into their thick heads that I do not
                      | want a Chinese boat?
                      | Yours sincerely, Mrs Trellis.   -- ISIHAC, BBC Radio 4
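One way to implement the filename check James describes above, as an added example in Python that is not part of the original post or its author's code; it assumes a hypothetical serving directory SAFE_DIR and a deliberately strict allow-list for the name, and rejects both plain and percent-encoded traversal attempts:

```python
import os
import re
from urllib.parse import unquote

# Hypothetical directory (assumption) from which the application may serve files.
SAFE_DIR = "/var/www/app/files"

# Allow-list: letters, digits, underscore, hyphen, at most one extension.
# No slashes, no ".." and no leading dot can match this.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)?$")


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode until the value stops changing, so double encodings
    such as %252e%252e (-> %2e%2e -> ..) are seen for what they are."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    return value


def resolve_requested_file(user_value: str, base_dir: str = SAFE_DIR):
    """Return the absolute path for a ?filename= value, or None if unsafe.

    Two independent checks: the allow-list on the decoded name (rejects
    dots, slashes, NUL bytes), then a realpath containment check so that
    symlinks or anything the regex missed still cannot escape base_dir.
    """
    name = fully_decode(user_value)
    if "\x00" in name or not SAFE_NAME.match(name):
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    # commonpath differs from base if the resolved file lies outside it
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate
```

The regex does the real work; the realpath check is the belt-and-braces layer the post asks for, catching the case you did not think of.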