On Fri, Feb 23, 2001 at 10:26:14AM -0500, Dan Sugalski wrote:
> At 07:12 AM 2/23/2001 -0500, wiz wrote:
> >Just curious, has anyone ever had any discussion regarding a 'security-aware'
> >Perl model? Some issues have recently ended up on my desk, and I have been having
> >some preliminary thoughts on the subject. It would be nice to be able to set
> >some rules for what Perl is allowed to do on a server without having to worry
> >about the OS-level stuff. Sort of like Apache does now. Anyone heard of
> >anything like this?
> 
> There was a little talk about redoing Safe, but that was about it. Got any 
> ideas on the subject?

I have :-) I think limiting access Safe-like, that is, having bitmasks
on what ops one can do is good, but nowhere near enough, or even that
useful, and the more ops you allow, the more difficult it becomes to
control what people might be able to do by combining those ops in
creative and unexpected ways.  What's more important is the Outside of
the box, the filesystems and the os: what filesystems one can access,
how much memory one can access, how much CPU one can burn, how many
files one can open.  In short, I'm more concerned about denial of
service attacks/leaks than access control/permissions.

-- 
$jhi++; # http://www.iki.fi/jhi/
        # There is this special biologist word we use for 'stable'.
        # It is 'dead'. -- Jack Cohen
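
The distinction drawn in the message above, as an added example that is not part of the original thread: code that uses only ops in Safe's default mask (loops from `:base_loop`, string repetition from `:base_mem`) can still burn CPU and memory, so the compartment is run in a forked child under OS resource limits. It assumes Linux and the CPAN module BSD::Resource; `run_confined` and the limit values are hypothetical choices made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Safe;
use BSD::Resource qw(setrlimit RLIMIT_CPU RLIMIT_AS RLIMIT_NOFILE);

# Illustrative limits (assumed values): [resource, limit].
my @LIMITS = (
    [ RLIMIT_CPU,    2 ],                    # seconds of CPU time
    [ RLIMIT_AS,     256 * 1024 * 1024 ],    # bytes of address space
    [ RLIMIT_NOFILE, 16 ],                   # open file descriptors
);

# run_confined is a hypothetical helper: evaluate $code in a forked child
# that is bound by both the Safe op mask and the OS limits above.
sub run_confined {
    my ($code) = @_;
    pipe(my $rd, my $wr) or die "pipe: $!";
    my $pid = fork();
    die "fork: $!" unless defined $pid;
    if ($pid == 0) {                         # child
        close $rd;
        for my $l (@LIMITS) {
            setrlimit($l->[0], $l->[1], $l->[1]) or die "setrlimit: $!";
        }
        my $cpt = Safe->new;                 # default op mask (:default)
        my $result = $cpt->reval($code);
        print {$wr} defined $result ? "ok: $result" : "error: $@";
        exit 0;
    }
    close $wr;                               # parent
    my $out = do { local $/; <$rd> };
    waitpid($pid, 0);
    return "killed by signal " . ($? & 127) if $? & 127;
    return "exited with status " . ($? >> 8) if $? >> 8;
    return defined $out ? $out : '';
}

# Constructed inputs: every one passes the default op mask.
for my $code ('2 + 2', '1 while 1', 'my $s = "x" x 2**30; length $s') {
    printf "%-32s => %s\n", $code, run_confined($code);
}
```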
