WebApp Sec mailing list archives

Re: Prevent security bypass

From: Chris Travers <chris () travelamericas com>
Date: Wed, 05 Feb 2003 23:19:42 -0800

Adam wrote:

It depends how secure you want it as a lot of people have said but I would
personally go for what you suggested as bar the v.expensive suggestions or
the ones relying on being on the same NT network you arent going to get
anything very secure. We have a secuirty script called on each secure page.
The overhead doesnt seem that bad tbh.

What makes you say that? If you are on NT, then any insecurities of theauthentication protocol are ALREADY going to affect you. Applyingdiversity in depth might buy you something but only if it is paired withgood NT security practices, Besides, if your server is not secure, youare already screwed.

The way I design my web applications which require granularity ofpermissions for different users or other advanced security features isbased on the following principles:

1) Primary Security on Backend-- don't try to do any more enforcementthan you have to on the middleware. And avoid ANY enforcement ofanything important on the front-end. Instead, try to do as muchenforcement with the backend components as possible and only supplimentwith the middleware as needed. The idea here is that you enforcepermissions using the web server, operating system, and/or informationstore (such as RDBMS and LDAP) as much as possible because these are themost robust security-wise, and they can be attacked independentlyanyway. Furthermore these are the only solutions that can globallyprotect the information (from inside the web context or outside it).

2) Supplimental Security in Middleware-- Sometimes, it is necessary toplace information in the information store in an insecure fassion,andthis could be used for DoS attacks. One example might be a user profilein an RDBMS system where all users will be able to write to and updatethat table. In this case, enforce additional security on themiddle-ware. But this security is much more brittle and not as strong,so it should not be relied upon as much.

3) Protect content In Transport-- Use SSL to protect the content andpasswords.


Best Wishes,
Chris

Current thread:

Prevent security bypass Chris Neil (Feb 04)
- Re: Prevent security bypass Kalyan Varma (Feb 04)
- Re: Prevent security bypass Igor Guarisma (Feb 05)
- RE: Prevent security bypass Adam (Feb 05)
  - Re: Prevent security bypass Chris Travers (Feb 06)
    - RE: Prevent security bypass Adam (Feb 06)
    - RE: Prevent security bypass Larry Seltzer (Feb 06)
    - Re: Prevent security bypass Chris Travers (Feb 06)
- Re: Prevent security bypass Ulrich P. (Feb 05)
  - Re: Prevent security bypass Chris Travers (Feb 04)
  - Re: Prevent security bypass c3rb3r (Feb 04)
  - Re: Prevent security bypass Adrian Wiesmann (Feb 04)
- Re: Prevent security bypass sunzi (Feb 07)
  - Re: Prevent security bypass Ernie Nelson (Feb 07)
    - HTTP Header and POST Data Exploitation Rahul Chander Kashyap (Feb 08)

(Thread continues...)