Would not the .htaccess approach from Apache work in this specific situation? Namely, by default, assume that a directory to be written to is blocked, but by the introduction of a dot file that the code can detect, you can either simply say that existence is merely enough to ensure access, or set up some complicated language that can determine security levels on the fly? In this case, you are moving the security configuration out of the program and into the file space.

But I'm sort of confused as to what you are considering orthogonal and secure. In your example, you have a list of dirs, and you say that this isn't orthogonal because when you move the dir tree or add a new dir, you also have to update the code, so that's two placed to change. But on the other hand, you say that moving any security out from the code and elsewhere is insecure. I don't see how anything that operates at the file level cannot do the latter. You have to decide where you are going to pack the security features; if you do it in perl, you lose orthogonality, if you do it on the file system, you lose 'security' by your thoughts (please correct me if I'm wrong).

IMO, the best way to solve the problem above is to use a hash to point the keys to the directories that may be written to; the keys are the only things sent via CGI, while the values (untainted) and the only things used to create or write files. Your security configuration is in perl, but as you claim, this is not necessarily orthogonal.

Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain

In reply to Re: Orthogonal Code and Security by Masem
in thread Orthogonal Code and Security by Ovid

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.