Re: Protecting databases

This WebDNA talk-list message is from

1999


It keeps the original formatting.
numero = 23886
interpreted = N
texte = >I primarily do webhosting for a few friends and and some non-profits and >small businesses. I would like to let some of these folks use the server >side capabilities of webcat, but am concerned about letting them have too >much of the documentation as I am concerned that is could compromise the >integrity of my databases.Your users can get the documentation free at the PCS website, so you should probably assume that they will eventually know as much as you do about writing webdna code. Even if they don't know the webdna language now, they will some day, especially when you start giving them a taste of what it can do ... :)Therefore, I think your major concerns will be whether or not you allow commands, and whether or not you allow file uploads to your website hierarchy ... >Is there anyway to protect a database from being modified from any >templates other than the ones I create?No, not unless you do BOTH of the following:1- Disable commands (use contexts exclusively instead). 2- Prevent users from uploading files to your website hierarchy.#1 is always practical. And while #2 may not seem very practical, it is absolutely critical!If you MUST allow your users to upload webdna templates, at the very least you should have them upload to a location *outside* your website hierarchy -- some place where those templates cannot be served. The best solution would be to run two servers and use one of them exclusively for your client's online testing, so they don't screw things up on your main server while they are testing and learning how to use the webdna language.Then before you manually move each uploaded file to your main server -- after they have finished testing and assured you that the file works properly -- you must perform your own careful check of each file to be sure that there is no webdna code in it that might do something bad. This will end up taking more and more of your time as your clients learn to enjoy using webdna with increasing frequency -- but it's the ONLY way to be absolutely sure they are not putting contexts into those templates that could be used to destroy files, delete entire folders, erase your hard drive, etc.Of course, you could possibly avoid some or all of this manual checking and manual file moving if you have a clear idea of exactly which tags and contexts you wish to allow your users to use, and which ones you will prevent them from using ...One possibility for automating this task would be to write the entire text of each newly-uploaded file to a database record, then search that record for each tag and context you have placed 'off-limits'. If none of the 'banned' or 'off-limits' tags or contexts are in the file, you can make webcat move the file to your website hierarchy, or at least it can notify you via email that the file is 'clean' and is therefore okay for you to move manually. And of course, if the user includes a tag or context you've told them is 'off-limits', you can simply make webcat delete the file instead of moving it or notifying you.This technique would be a hassle to implement, and it might not be foolproof either because there might be some text manipulation techniques a determined person could possibly use to get around your automated search routines ... but it's a start in the right direction if this kind of automated file checking is important to you.Basically, the thing to realize here is that webcat was never designed to be a secure tool for your hosting clients to use. It's a great tool if you're the ONLY one using it -- or if only you and your staff have access to its incredible power -- but there's no way to allow individual clients to use some tags and to disallow their use of other tags short of implementing a technique similar to the one I've described here, or writing those tags into their web pages yourself.And if you *ever* allow your clients to send webdna commands such as 'replace' or 'delete' -- or if you let them upload webdna templates directly to your website hierarchy -- you're asking for a heap of trouble ...Sincerely, Kenneth Grome WebDNA Consultant Associated Messages, from the most recent to the oldest:

    
  1. Re: Protecting databases (webcat 1999)
  2. Re: Protecting databases (Kenneth Grome 1999)
  3. Re: Protecting databases (webcat 1999)
  4. Re: Protecting databases (Kenneth Grome 1999)
  5. Protecting databases (webcat 1999)
>I primarily do webhosting for a few friends and and some non-profits and >small businesses. I would like to let some of these folks use the server >side capabilities of webcat, but am concerned about letting them have too >much of the documentation as I am concerned that is could compromise the >integrity of my databases.Your users can get the documentation free at the PCS website, so you should probably assume that they will eventually know as much as you do about writing webdna code. Even if they don't know the webdna language now, they will some day, especially when you start giving them a taste of what it can do ... :)Therefore, I think your major concerns will be whether or not you allow commands, and whether or not you allow file uploads to your website hierarchy ... >Is there anyway to protect a database from being modified from any >templates other than the ones I create?No, not unless you do BOTH of the following:1- Disable commands (use contexts exclusively instead). 2- Prevent users from uploading files to your website hierarchy.#1 is always practical. And while #2 may not seem very practical, it is absolutely critical!If you MUST allow your users to upload webdna templates, at the very least you should have them upload to a location *outside* your website hierarchy -- some place where those templates cannot be served. The best solution would be to run two servers and use one of them exclusively for your client's online testing, so they don't screw things up on your main server while they are testing and learning how to use the webdna language.Then before you manually move each uploaded file to your main server -- after they have finished testing and assured you that the file works properly -- you must perform your own careful check of each file to be sure that there is no webdna code in it that might do something bad. This will end up taking more and more of your time as your clients learn to enjoy using webdna with increasing frequency -- but it's the ONLY way to be absolutely sure they are not putting contexts into those templates that could be used to destroy files, delete entire folders, erase your hard drive, etc.Of course, you could possibly avoid some or all of this manual checking and manual file moving if you have a clear idea of exactly which tags and contexts you wish to allow your users to use, and which ones you will prevent them from using ...One possibility for automating this task would be to write the entire text of each newly-uploaded file to a database record, then search that record for each tag and context you have placed 'off-limits'. If none of the 'banned' or 'off-limits' tags or contexts are in the file, you can make webcat move the file to your website hierarchy, or at least it can notify you via email that the file is 'clean' and is therefore okay for you to move manually. And of course, if the user includes a tag or context you've told them is 'off-limits', you can simply make webcat delete the file instead of moving it or notifying you.This technique would be a hassle to implement, and it might not be foolproof either because there might be some text manipulation techniques a determined person could possibly use to get around your automated search routines ... but it's a start in the right direction if this kind of automated file checking is important to you.Basically, the thing to realize here is that webcat was never designed to be a secure tool for your hosting clients to use. It's a great tool if you're the ONLY one using it -- or if only you and your staff have access to its incredible power -- but there's no way to allow individual clients to use some tags and to disallow their use of other tags short of implementing a technique similar to the one I've described here, or writing those tags into their web pages yourself.And if you *ever* allow your clients to send webdna commands such as 'replace' or 'delete' -- or if you let them upload webdna templates directly to your website hierarchy -- you're asking for a heap of trouble ...Sincerely, Kenneth Grome WebDNA Consultant Kenneth Grome

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

two unique banners on one page (1997) about this server and links to who (1997) Not really WebCat (1997) auction site (2000) If Empty ? (1997) Help name our technology! I found it (1997) WebCat2b15MacPlugIn - [authenticate] not [protect] (1997) Re:quit command on NT (1997) multi-paragraph fields (1997) table max? (2001) [Fwd: Rotating Banners ... (was LinkExchange)] (1997) faxing orders (2000) change the number format (1997) suffix mapping for NT? (1997) still having shipCost.db Problem (1997) Using Applescript to process WebCatalog functions (1998) Need relative path explanation (1997) Help name our technology! (1997) dates and hex formatting (1997) emailer truncates last letter! (1997)