Using Register GlobalsPodręcznik PHPPoprzedniRozdział 5. SecurityNastępnyUsing Register Globals
One feature of PHP that can be used to enhance security is configuring PHP with
register_globals = off.
By turning off the ability for any user-submitted variable to be injected
into PHP code, you can reduce the amount of variable
poisoning a potential attacker may inflict. They will have
to take the additional time to forge submissions, and your
internal variables are effectively isolated from user
submitted data.
While it does slightly increase the amount of effort required
to work with PHP, it has been argued that the benefits far
outweigh the effort.
Przykład 5-14. Working with register_globals=on<?php
if ($username) { // can be forged by a user in get/post/cookies
$good_login = 1;
}
if ($good_login == 1) { // can be forged by a user in get/post/cookies,
fpassthru ("/highly/sensitive/data/index.html");
}
?>
Przykład 5-15. Working with register_globals = off<?php
if($_COOKIE['username']){
// can only come from a cookie, forged or otherwise
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
}
?>
By using this wisely, it's even possible to take preventative
measures to warn when forging is being attempted. If you know
ahead of time exactly where a variable should be coming from,
you can check to see if submitted data is coming from an
inappropriate kind of submission. While it doesn't guarantee
that data has not been forged, it does require an attacker
to guess the right kind of forging.
Przykład 5-16. Detecting simple variable poisoning<?php
if ($_COOKIE['username'] &&
!$_POST['username'] &&
!$_GET['username'] ) {
// Perform other checks to validate the user name...
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
} else {
mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
echo "Security violation, admin has been alerted.";
exit;
}
?>
Of course, simply turning off register_globals does not mean code
is secure. For every piece of data that is submitted, it
should also be checked in other ways.
PoprzedniSpis treściNastępnyError ReportingPoczątek rozdziałuUser Submitted Data
Wyszukiwarka
Podobne podstrony:
security registerglobalssecurity howto 7 bif7pmbdlmrob6tcblpvwkf37huqfjqc5eeufry bif7pmbdlmrob6tcblpvwkf37huqfjqc5eeufrysecurity errorsSlow start up when using Norton Internet Security 2002 (3)register? sourcesecurity errorssecurity tipsjava security acl NotOwnerExceptionSHSpec 153 6205C29 Security Check Prepcheckingjava security NoSuchProviderExceptionklucze do Norton Internet Security 2009security variablescos handbook section nine securityregistertcpserverkatalog nazewnictwo wg registrarplclematis mainwięcej podobnych podstron