Thanks for your feedback, guys. Of course the idea is not to introduce silly and easy security holes in OpenBSD. So we will go for the most secure platform possible. As for the SSH comments, of course I agree, but this interface is a framework to manage OpenBSD-based appliances but also an Operation Management software that aims to be used by anybody, even Unix newcomers.
If you want to get a more precise idea of what I am talking about, check the following screenshot here.
http://www.matrice-in-motion.com/images/MIMAdmin.JPG

Regards
Michael

David Bryan wrote:
>
> I really like the concept- but something you must remember when
> developing any web app- Input Validation.
>
> Ideally you would have a mysql database or file that just enables or
> disables something ( literally a 1 or a 0 or true/false, then a
> secondary program that creates config files from that with very little
> that is used as input- maybe an IP address, or small flags. Again
> limiting the input so as to remove the possibility for command
> injections. If done well, this could be great! Done poorly anyone
> could own your box via SQL or command injections.
>
> Check out OWASP for php filters, and other programming nuggets.
>
> chefren wrote:
>> On 1/25/07 1:34 AM, Passeur wrote:
>>> We are in the process of developing a PHP framework with a web
>>> frontend to
>>> manage the OpenBSD settings through a web browser.
>>
>> It should be handy, I presume =all= configs, logins, groups, passwords
>> and for example the settings for Apache and PHP itself included?
>>
>>> A friend advised me not to do that because of all the security holes
>>> I will
>>> introduce on OpenBSD.
>>> He advised me rather than using PHP to use CGI/PERL.
>>>
>>> What is your opinion ?
>>
>> "Let's punch through all carefully designed security layers of OpenBSD
>> with a 'program' based on the most insecure language of the planet."
>>
>>
>> Clueless
>>
>> +++chefren
>
>

--
View this message in context: http://www.nabble.com/Re%3A-A-PHP-management-interface-for-OpenBSD---tf3095866.html#a8613399
Sent from the openbsd user - misc mailing list archive at Nabble.com.
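
The design David Bryan describes in the quoted reply (stored 0/1 flags, plus a separate generator that accepts only an IP address or small flags), as an added example that is not part of the original thread or of the project's code. The setting names, the `key=value` output layout and the function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed allow-list (hypothetical names): setting => expected type.
const SCHEMA = [
    'ssh_enabled'  => 'bool',
    'http_enabled' => 'bool',
    'admin_ip'     => 'ipv4',
];

// Validate raw form input against the allow-list. Unknown keys are rejected
// and every value is reduced to a bool or a syntactically valid IPv4 string.
function validate_settings(array $raw): array
{
    if ($unknown = array_diff_key($raw, SCHEMA)) {
        throw new InvalidArgumentException('unknown setting: ' . implode(', ', array_keys($unknown)));
    }
    $clean = [];
    foreach (SCHEMA as $name => $type) {
        $value = $raw[$name] ?? null;
        if ($type === 'bool') {
            // Only the literal strings "0" and "1" are accepted.
            if ($value !== '0' && $value !== '1') {
                throw new InvalidArgumentException("$name must be 0 or 1");
            }
            $clean[$name] = ($value === '1');
        } else {
            $ip = is_string($value) ? filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) : false;
            if ($ip === false) {
                throw new InvalidArgumentException("$name must be an IPv4 address");
            }
            $clean[$name] = $ip;
        }
    }
    return $clean;
}

// Separate generator step: builds the config text from validated values only.
// No shell is invoked and no SQL string is assembled from user input here.
function render_config(array $clean): string
{
    $out = "# generated from validated settings\n";
    foreach ($clean as $name => $value) {
        $out .= $name . '=' . (is_bool($value) ? ($value ? '1' : '0') : $value) . "\n";
    }
    return $out;
}

// Constructed sample input, as it would arrive from a web form.
$ok  = ['ssh_enabled' => '1', 'http_enabled' => '0', 'admin_ip' => '192.0.2.10'];
$bad = ['ssh_enabled' => '1', 'http_enabled' => '0', 'admin_ip' => '192.0.2.10; id'];
echo render_config(validate_settings($ok));
try { validate_settings($bad); } catch (InvalidArgumentException $e) { echo 'rejected: ', $e->getMessage(), "\n"; }
```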