Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: Is this dispatch code insecure?

by sundialsvc4 (Abbot)
on Feb 20, 2014 at 03:34 UTC ( [id://1075534]=note: print w/replies, xml ) Need Help??


in reply to Is this dispatch code insecure?

Well, I suppose that any such thing is “as (in)secure as you can make it,” but what you seem to be describing here is fairly similar to what RPC::Any::Server does.   There are many, many ways to do it, and really I think that the only thing which you must be very-sure of is that only intended methods can ultimately be called.   Attributes are certainly one valid way of making such a designation.

I suppose it partly depends on just how many (acceptable) request-types there might be, and how easy it needs to be to add new ones.   Logic that is based on can() and agreed-upon attributes does have the potential advantage that you only need to add code in one place to add new “subroutines” to the system.

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://1075534]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others cooling their heels in the Monastery: (4)
As of 2024-04-25 13:15 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found