Here s something I ve thought about for a while.
I am creating an application where s my users will upload their own custom themes, which means that there s going to be a good opportunity for anyone with basic PHP/XSS/whatever skills to cause a lot of headache.
我愿在一种沙箱封闭的环境中操作任何上载的档案,只有能够接触我所希望的 st子(变数)和其他东西。
这是好的做法吗?
为了安全地允许任意使用html/javascript,每个用户必须拥有自己的子宫。 如果每个用户都有自己的子域,那么用户 Java本将因htmlpurifer就是一种选择,然后你可以使用1个领域。
Allowing custom PHP is a bit more hazardous. "Shared hosting" providers rely upon suPHP which forces the php script to run as a specific user. This would require every user to have their own account on your system. This method of defense has been around for a while. It isn t perfect but it does the trick.
海关主题的另一个可能解决办法是使用一种排气发动机,这可防止模板充分进入购买力平价。 民众框架:
由于你不想让用户使用PHP,你应当使用支持沙箱的模版发动机。
全球范围永远是无障碍的。
但是,以目标为导向的概念提供了很多东西。 你可以做的是掩盖全球的 st。 你们所能做的事情首先不能让它看到。
but executing unreviewed 3rd party code is a tricky thing. i would recommend some sort of process isolation here if possible. which means you open a process using popen or something, in combination with suphp you can make a restricted linux user. that is very well possible and secure with the correct security measures in place.
同一方案内采用该守则的良好办法是使用排位模式。 由于整个档案都装上了能够注入危险代码的仪器,因此,它对于班级来说是不切实际的。 但是,你可以从法典上在营地建立习俗功能。 除非要求履行该职能,否则该法典便没有执行。 也可以将一个类别延伸到一个可变名称,然后用户提供密码。 然而,这几乎是不可能做到安全的。
when it comes to html code , it is way easier. there are good html tidy is a good start. there are good solutions to allow only speical tags.
javascript可以“被利用”,其方式是旧的面对面应用。 包括旁遮蔽器、迪恩米茨可变名称等静电压缩机。
我认为,允许外部定制的最佳办法是允许外部风格表。 他们只是从外部装货,实际上不存在安全问题。
编辑:当然,你可以将任何法典加以禁止,将其限于某些声明或否认某些声明,但这是很trick的,而对于php来说,这是一个非常严重的制约因素。 也许更适合改用某些更高的算法语言,或与 j相配套。
你们想要做的是真正的风险。 您绝不应允许用户上载PHP文档。 因此,你没有发现多少PHP在网周围(尽管现在有一些人)。
同样,联合材料在某些间接方面也很危险,因此,几乎没有人允许你上载(Tumblr明显例外)。
你们应该做的是,采用某种排气发动机,使用户上载的模板更加灵敏,去除文字。
Since security is an issue, try to check security advisories like Secunia when choosing the templating engine.
For security reasons, it is desirable to check the integrity of code before execution, avoiding tampered software by an attacker. So, my question is How to sign executable code and run only trusted ...
I run findbugs against all of my code and only tackle the top stuff. I finally got the top stuff resolved and now am looking at the details. I have a simple entity, say a user: public class User ...
Anyone know if jsbin.com implements any protection for XSS or other javascript attacks? I see jsbin links used fairly regularly on sites like this one and I can t find any indication from the site ...
Im making a website that will intergrate with game that only support md5 hashing metod (atm). Which ofc is not especially safe anymore. But how could i make it stronger? Should I just generate long ...
I am trying to find out the difference between difference service account types. I tumbled upon this question. The answer was because it has powerful access to local resources, and Network Service ...
I am trying to write a script to prevent brute-force login attempts in a website I m building. The logic goes something like this: User sends login information. Check if username and password is ...
Three SHA512Managed related questions: Is SHA512Managed considered the best one-way hash available in .NET 3.5 for security? What Salt size should be used with SHA512Managed? The application is for ...
[Update] - I attach also full config files, for service, and for client (outside of here, not to flood the topic) I m having situation pretty much identical to the one outlined in this question, ...
