Perl Security pdf

Time: 2012-09-23 16:27:02
[File attributes]:

File name: Perl Security pdf

File size: 664KB

File format: PDF

Updated: 2012-09-23 16:27:02

Perl,Security,pdf

Table of Contents

1. About Perl Training Australia                                      1
    Training                                                          1
    Consulting                                                        1
    Contact us                                                        1
2. Introduction                                                       3
    Course outline                                                    3
    Assumed knowledge                                                 3
    Platform and version details                                      3
    The course notes                                                  3
3. What is Computer Security                                          5
    In this chapter...                                                5
    Scope of this course                                              5
        Target operating systems                                      5
    Why is security important                                         6
    What attacks can occur?                                           6
    What is a security-sensitive context?                             8
    Why does security through obscurity not work?                     9
        The InterBase LOCKSMITH account                               9
    How to make your code more secure                                10
        Review your code with someone else                           10
        Use good programming practices                               10
            Why use strict and warnings                              11
            Other good rules                                         11
            New and self-taught programmers                          12
        Keep up to date                                              12
    Chapter summary                                                  12
4. Taint Checks                                                      15
    In this chapter...                                               15
    The importance of validating input                               15
        Sending user data to an application                          15
        Using user data in a call to open                            16
        The fundamental issue                                        17
    What is taint mode?                                              17
        Enabling taint mode                                          18
        Taint and the environment                                    18
            PERL5LIB, PERLLIB, PERL5OPT                              19
        Using taint and laundering data                              19
        Examples using taint                                         20
            Sending user data to an application                      20
            Using user data in a call to open                        20
        Capturing without laundering                                 21
        Taint and locales                                            22
    Taint traps                                                      22
        Output functions                                             22
        Opening a file for reading                                   23
        Invoking a subroutine via symbolic reference                 23
            Method calls                                             24
        Calling dbmopen                                              24
Perl Training Australia (http://perltraining.com.au/) iii
        Using DB_File                                                25
        Multi-argument system or exec                                25
        Taint and unicode                                            25
    Improvements on taint                                            25
    Chapter summary                                                  26
5. Opening files                                                     29
    In this chapter...                                               29
    Using the wrong open                                             29
        The 2-argument version of open                               29
    A better open - the 3-argument version                           30
    Further problems with open                                       30
        Symbolic links                                               30
        Avoiding race conditions                                     31
    An even better open - using sysopen                              32
        Examples of using sysopen                                    33
    Creating files safely                                            34
        New file permissions                                         34
    Writing to files safely                                          35
    Safely opening temporary files                                   35
        Sharing anonymous files with other processes                 36
        Through fork and exec                                        36
        When the process wants an actual file                        37
    File locking                                                     38
    Chapter summary                                                  39
6. Executing system commands                                         41
    In this chapter...                                               41
    Using system and exec                                            41
        Multi-argument system/exec                                   41
    Replacing backticks                                              42
        General guidelines for backticks and system                  43
    Chapter summary                                                  43
7. Dropping privileges in Perl                                       45
    In this chapter...                                               45
    Privileges the Unix way                                          45
    Using Proc::UID                                                  46
        The preferred (logical) interface                            46
        The variable interface                                       47
            A minor caveat                                           47
        Functional interface                                         48
    Privilege Separation                                             48
    Dropping code privileges with the ’ops’ pragma                   49
    Safe compartments                                                49
        Using Safe                                                   50
            Creating a compartment                                   50
            Permitting and denying opcodes                           51
            Sharing code and variables                               51
            Executing code and retrieving the return values          53
        A practical application                                      54
        Common pitfalls                                              56
            Running untrusted code                                   56
            Poor access restrictions                                 56
            Not using other safety mechanisms                        56
    chroot                                                           56
        The chroot jail                                              57
        chroot limitations                                           57
        An alternative - use a virtual machine                       58
        User Mode Linux                                              58
    Chapter summary                                                  58
8. Database Security                                                 61
    In this chapter...                                               61
    SQL injection attacks                                            61
    DBI and taint                                                    63
        Temporarily disabling Taint                                  64
    Chapter summary                                                  65
9. Tricks and traps                                                  67
    In this chapter...                                               67
    Tricks                                                           67
        Allowing relative paths                                      67
        Restricting information give-away                            67
            Diagnostics and web applications                         68
    Traps                                                            68
        The diamond (<>) construct                                   68
        The poison null-byte                                         69
            Opening the wrong file                                   70
            Passing the wrong value                                  70
            Taint to the rescue                                      71
    Past issues with Perl                                            71
        glob                                                         72
        Algorithmic complexity attacks                               72
            Perl’s hash function                                     72
            Sorting                                                  72
        Malloc wrapping                                              73
        suidperl                                                     73
    Issues with scripts vs compiled code                             73
        suidperl                                                     73
    Chapter summary                                                  74
10. Random numbers                                                   75
    In this chapter...                                               75
    Random Numbers                                                   75
        Uses of random numbers                                       75
            Cryptography                                             75
            Session IDs                                              75
            Simulations                                              77
        Perl’s random numbers (rand and srand)                       77
        Pseudo-random numbers                                        78
        Good sources of random numbers                               78
    Chapter summary                                                  79
11. Conclusion                                                       81
    What you’ve learnt                                               81
    Where to now?                                                    81
    Further reading                                                  81
        Books                                                        81
        Online                                                       82
12. Colophon                                                         83
    Cover Art                                                        83


User comments