After reading
The Docs
and
The Phrack article
I'm unclear on what the real problem is. (NOTE: those
two links are my only experience with SOAP, so forgive me
if I say something naive).
Granted, SOAP::Lite lets you run a SOAP server in which
any available method can be called remotely -- but that
seems to be by design. If you don't want that behavior,
you can use the dispatch_to
method to
restrict all incoming SOAP calls to a particular Module,
method, or Module Directory to protect the server from
attacks attempting to call methods outside of those
Modules, methods or Module Directories.
Is the issue here that even with a conservative use of
dispatch_to Servers can be compromised, or that
naive SOAP::Lite users might leave themselves open without
realizing it?
(Or is the issue that I'm missunderstanding the docs?)
Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
Read Where should I post X? if you're not absolutely sure you're posting in the right place.
Please read these before you post! —
Posts may use any of the Perl Monks Approved HTML tags:
- a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
| |
For: |
|
Use: |
| & | | & |
| < | | < |
| > | | > |
| [ | | [ |
| ] | | ] |
Link using PerlMonks shortcuts! What shortcuts can I use for linking?
See Writeup Formatting Tips and other pages linked from there for more info.