Thanks for the advice... I will keep it in mind! But I don't think that it will be a problem in this case in particular simply because this app will be running somewhat internally. So there will be no access to it from outside. But really thanks for the advice... I will consider it when it comes to security issues | [reply] |
<p mode="sarcastic">What is your network again? I want to dump it into my border firewall's blacklist as a self protection mechanism</p>
In all seriousness, it is worth the extra effort to learn to do it with minimal privileges up front, because it forces you to think of the reprecussions of the actions you are allowing the web server to accomplish.
Too many times I have seen $management ask to have Joe External be able to use an "internal" application. Applications morph. Unless you limit up front what the application is able to do from a security standpoint (only what it needs to do), it is just too easy to make decisions later on without thinking through the implications.
On the other hand, I started life as a security focused system admin, so I am a little more paranoid about those things.
Update: And a P.S. "somewhat internal" means external, right? It is either 100% internal, or it is external.
| [reply] |
Hey don't worry... no need to put me into that blacklist. you are right, security should be delt with at every stage of the process. i can assure you that this will be %99.99 internal process. Well the rest %0.01 is what makes this life beautiful. You know there's a %0.01 chance that I can die next second and this system may never be up. Thanks for sparing time and for the help once again...
| [reply] |
I'm curious. What does the C code do that you couln't do in Perl? Maybe you can avoid to use Inline at all.
| [reply]
[d/l] |