
PHP Security
CS-422 (from The Linux Journal, Oct 2002; author: Nuno Loureiro)

Secure Web Applications
Most security issues have to do with:
- hacker attacks
- denial of service
- server hijacking
- common threats
- compromise of data

Basic Rule
Never trust user input. Poorly validated or unvalidated user input constitutes the most severe security problem with web applications. It:
- can crash a server
- can cause buffer overflows
- can allow a machine to be hijacked
- can allow a hacker to gain root access
Assume user input is bad until you prove it is OK.

Global Variable Scope
In earlier versions of PHP, many external variables defaulted to global scope, so variables couldn't be trusted. If you set $authenticated to 1 via a GET, the last test would pass when it shouldn't.

Global Variable Scope (more)
Since register_globals was deprecated, GET, POST, Cookie, Server, Environment and Session variables are no longer in the global scope. There are several arrays to help developers writing applications: $_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_REQUEST, $_SESSION.

Database Interaction
Most PHP applications use data entered from a form to build SQL queries, and this can cause a security risk. Assume a script that edits data from some table, with a form that POSTs to the same script. The beginning of the script checks whether the form was submitted, then updates the user-chosen table:

    <?php
    if ($submit) {
        // $submit, $table and $name arrive straight from the request via register_globals;
        // $db is the script's database connection object (assumed here)
        $db->query("update $table set name=$name");
    }
    ?>

If you don't validate the variable $table, it could be set to any table via a GET update
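The update script above, rewritten as an added example (not code from the slides or from the Linux Journal article) so that neither the table name nor the data value can be chosen freely by the client; it assumes a PDO connection, an allow-list of editable tables and an integer id column, all of which are assumptions of the example:

```php
<?php
// Added example, not from the original slides: the update script from the
// Database Interaction slide, rewritten so that neither $table nor $name can
// be chosen freely by the client. Assumes a PDO connection and a table whose
// rows are addressed by an integer id column (both are assumptions here).
declare(strict_types=1);

// Allow-list of tables this script may update. A table name cannot be bound
// as a prepared-statement parameter, so the identifier is looked up instead.
const EDITABLE_TABLES = ['customers' => 'customers', 'suppliers' => 'suppliers'];

function updateName(PDO $pdo, array $post): bool
{
    // Only the explicit $_POST array (passed in as $post) is consulted, so a
    // query string such as ?table=users or ?authenticated=1 has no effect.
    $table = EDITABLE_TABLES[(string) ($post['table'] ?? '')] ?? null;
    if ($table === null) {
        return false;                       // unknown table: refuse, do not guess
    }
    $id = filter_var($post['id'] ?? '', FILTER_VALIDATE_INT);
    if ($id === false) {
        return false;
    }
    $name = trim((string) ($post['name'] ?? ''));
    if ($name === '' || strlen($name) > 100) {
        return false;
    }
    // Data values travel as bound parameters; the table name is the
    // allow-listed constant, so the SQL text never contains raw request input.
    $stmt = $pdo->prepare("UPDATE {$table} SET name = :name WHERE id = :id");
    $stmt->bindValue(':name', $name, PDO::PARAM_STR);
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    return $stmt->execute();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {
    // Constructed in-memory database so the script runs stand-alone.
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)');
    $pdo->exec("INSERT INTO customers (id, name) VALUES (1, 'old name')");
    echo updateName($pdo, $_POST) ? "updated\n" : "rejected\n";
}
```

A request naming a table outside EDITABLE_TABLES, or a non-integer id, is rejected before any SQL is built, which is the check the slide's original script lacks.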