Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Bugs and flaws

From: gunnar at arctecgroup.net (Gunnar Peterson)
Date: Wed, 1 Feb 2006 16:53:02 -0600


Hi John,


Which of the following more aptly characterizes the problem?:

IMPL. BUG: Insufficient security-constraint existed on the admin  
Servlet in
the app's deployment descriptor.

ARCH. FLAW: No fa?ade component gated privileged functionality
-alternatively-
ARCH. FLAW: Privileged functionality incapable of judging Principal's
entitlement (both fine, one user changing another's password, or  
coarse,
application functionality improperly accessed)


Clausewitz said to be strong, first in general, and then at the  
decisive point. Assuming you consider authentication and  
authorization on admin functions a decisive point, then this scenario  
is a failure in both instances. The question you raise is locating  
the responsibility to deal with this problem. In a distributed  
system, there are many potential areas to locate those controls.  
Problems do not necessarily have to be solved (and in some cases  
cannot be) at the same logical layer they were created (http:// 
1raindrop.typepad.com/1_raindrop/2005/11/thinking_in_lay.html). Would  
an authenticating reverse proxy have prevented this problem? How  
about stronger identity protocols?

-gp
Previous By Date Next
Previous By Thread Next

Current thread: