[Pmwiki-users] Request for Article: "How to write safe scripts"
Steven Leite
steven_leite
Sun Jun 20 23:02:44 CDT 2004
Frequently on the list we have observed suggestions and warnings about not allowing users ("authors") the ability to execute arbitrary code through some method/function such as a user-defined function / Cookbook recipe.
From my observations, PmWiki has been built with security and safety in mind, which I can appreciate. Since most of the Cookbook recipes are written by "other" developers, I think using them can and probably *is* a risky thing.
I've written a number of Cookbook scripts myself, and many of them "take input" from the user ("author"). I'd like to know how I can write scripts so that they are written with the same security-mindedness that PmWiki is written in. After all, a system is only as secure as its weakest point, so PmWiki can be as secure as Fort Knox, but if there's just one cookbook recipe running that has a loophole in it, then ... the world may cease to exist.
I'd like to see a short (or detailed) article which addresses this potential for security breaches, and maybe give some tips on how developers can improve their scripts.
Here's one example in particular that I would like to see scrutinized, since I use it in almost all of my scripts. I haven't released it to the Cookbook because I'm just too lazy, but I'll call it x-ParseLight

    // This is the "hook" that executes the main function (in this case
    // the main function is called xParseLight)
    $DoubleBrackets["/\\[\\[x-parse:(.*?)\\]\\]/e"] = 'xParseLight("$1");';

    function xParseLight($input)
    {
        // this "main" function takes the $1 parameter as $input. It contains
        // everything between the [[x-parse: and the closing ]]. The next few
        // lines chops it up and loads it in to an array for internal use.
        $params = explode(" ", $input);
        foreach ($params as $param) {
            list($key, $value) = explode("=", $param);
            $xParseParams["$key"] = $value;
        }
        // . rest of your code here ...
    }

So, by using the above example, it's possible to do something like:
[[x-calendar: months=6 wrap=3 startmonth=1 showsummary=false]]
To get a very customized calendar output. Or another example might be
[[x-include: url=http://www.yahoo.com width=100% height=400 scrollbars=no]]
There may be "other" security holes out there besides this one. Perhaps pages that take information from a WikiPage like a "safe url list" could be used by "bad people". Or maybe a seemingly harmless WikiPage containing random quotes could also be subverted for "evil deeds".
These things and others are the types of things I would like to see discussed in an article, or even in general as a thread on this list. It will benefit the developers who make these scripts, and also the users ("administrators") who use the scripts.
Sidenote: Thanks to Patrick for his constant nagging about the mis-use and abuse of the word "user". I can't use that word anymore without thinking that I am probably mis-using it! Haha ...
-Steven Leite
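
One way to handle the key=value parameters from the post's x-include example defensively, as an added example that is not part of the original message or of PmWiki: only allowlisted keys are accepted, every value must match a pattern for its key, and values are escaped where they enter the HTML. The function names, the `$X_INCLUDE_SPEC` table and the patterns are assumptions made for illustration.

```php
<?php
// Added example, not code from the post. All names here are hypothetical.
// Allowlist of accepted keys, each with a pattern the whole value must match.
$X_INCLUDE_SPEC = array(
    'url'        => '!^https?://[A-Za-z0-9.-]+(:\d+)?(/[A-Za-z0-9._~/%-]*)?$!',
    'width'      => '/^\d{1,4}%?$/',
    'height'     => '/^\d{1,4}%?$/',
    'scrollbars' => '/^(yes|no|auto)$/',
);

// Parse "key=value key=value" into an array, keeping only allowlisted keys
// whose values match their pattern. Everything else is silently dropped.
function xParseParamsSafe($input, $spec) {
    $out = array();
    $tokens = preg_split('/\s+/', trim($input), -1, PREG_SPLIT_NO_EMPTY);
    foreach ($tokens as $param) {
        $pair = explode('=', $param, 2);                  // split on first "=" only
        if (count($pair) !== 2) continue;                 // token without "="
        list($key, $value) = $pair;
        if (!isset($spec[$key])) continue;                // unknown key
        if (!preg_match($spec[$key], $value)) continue;   // malformed value
        $out[$key] = $value;
    }
    return $out;
}

// Build the output, escaping each value at the point it enters the HTML.
function xIncludeHtml($input, $spec) {
    $p = xParseParamsSafe($input, $spec);
    if (!isset($p['url'])) return '';                     // required parameter missing
    $attrs = '';
    foreach (array('width', 'height') as $k) {
        if (isset($p[$k])) {
            $attrs .= ' ' . $k . '="' . htmlspecialchars($p[$k], ENT_QUOTES) . '"';
        }
    }
    $scroll = isset($p['scrollbars']) ? $p['scrollbars'] : 'auto';
    return '<iframe src="' . htmlspecialchars($p['url'], ENT_QUOTES) . '"' . $attrs
         . ' scrolling="' . htmlspecialchars($scroll, ENT_QUOTES) . '"></iframe>';
}

// Constructed inputs: the post's x-include parameters, then a malformed set
// (unsupported scheme, non-numeric width, unknown key) that yields no output.
echo xIncludeHtml('url=http://www.yahoo.com width=100% height=400 scrollbars=no', $X_INCLUDE_SPEC), "\n";
echo xIncludeHtml('url=ftp://example.invalid width=abc bogus=1', $X_INCLUDE_SPEC), "\n";
```

The parsing and validation are independent of how the function is hooked into the markup rules, so the same checks apply whichever directive name triggers it.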