Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Completely re-reading the security book#4606

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
weaverryan merged 5 commits into2.3fromsecurity-re-read
Dec 31, 2014
Merged

Conversation

weaverryan
Copy link
Member

QA
Doc fix?no
New docs?no
Applies toall
Fixed ticketsn/a

Well, this should be interesting :). Several years ago, I bootstrapped the security chapter and it's been there ever since. That fact doesn't necessarily mean that it was good. I've just re-read and basically re-written the chapter from scratch. I thought it was too long, too theoretical in the beginning, and it also had some extra "baggage" just from being old and having things added to it.

My goal is to:

A) Not actually remove anything of importance - I've done my best with this
B) Actually get feedback that this is better. I feel that this is better, but rewrites aren't automatically better. It's like the second album of a band - even though they're older and wiser, maybe the original is still better :). I hope not!

Todo:

  • fill in config blocks -@xabbuh if you happen to have some time and can help, I would be even more in debt to you :)

As I merge to 2.5 and up, I'll need to check for theversionadded tags on each branch and re-add those things to the new chapter.

Thanks!

.. code-block:: php-annotations

// src/AppBundle/Controller/SecurityController.php
// ...
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

you should move the empty line below above this comment

@wouterj
Copy link
Member

I left one comment (at a completely random location). I'll review the rest tomorrow


The
:method:`Symfony\\Component\\Security\\Core\\Util\\SecureRandom::nextBytes`
methods returns a random string composed of the number of characters passed as
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

method

@@ -0,0 +1,299 @@
How does the Security access_control Work?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Does

@stof
Copy link
Member

stof commentedDec 8, 2014

meh, github does not show the diff for the security book (too big diff)

use Symfony\Component\Security\Core\Util\StringUtils;

// is password1 equals to password2?
$bool = StringUtils::equals($password1, $password2);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

you should note that the order of arguments is important to avoid timing attack. The known string should be the first argument, and the user input should be the second one

@stof
Copy link
Member

stof commentedDec 8, 2014

A few comments on the book itself, which cannot be inline because the diff is not visible in the PR because of its size:

.. tip::    Supported algorithms for this method depend on your PHP version. A full list    is available by calling the PHP function :phpfunction:`hash_algos`.

This sentence is incomplete. bcrypt and pbkf2 (and plaintext) are implemented using their own encoders in Symfony. They don't rely on the DigestPasswordEncoder (which is the one relying on algorithms know by hash_algos).

The process of authorization has two different sides:#. The user receives a specific set of roles when logging in (e.g. ``ROLE_ADMIN``).#. You add code so that a resource (e.g. URL, controller) requires a specific   role in order to be accessed.

this description is again mixing roles and permission attributes (see#4158). A user receives roles, but a resource will require a specific permission attribute (whichmay be a role, but may be something else).
If you let people think resources are requiring roles, it will make things harder when explaining other voters (expressions, ACLs, authentication levels, custom voters)

.. caution::    All roles **must** begin with the ``ROLE_`` prefix. Otherwise, they won't    be handled by Symfony. If you define your own roles with a dedicated    ``Role`` class (more advanced), don't use the ``ROLE_`` prefix.

I suggest removing this sentence. If you define something not starting withROLE_, it will be a different kind of permission attributes, not of roles.
Thus, there is a discussion about stopping to represent roles as classes in 3.0, but only as strings starting withROLE_

@stof
Copy link
Member

stof commentedDec 8, 2014

The section about the@Security annotation must be removed btw. This feature of FrameworkExtraBundle is not available in Symfony 2.3. It requires 2.4+

``IS_AUTHENTICATED_FULLY`` isn't a role, but it kind of acts like one, and everyuser that has successfull logged in will have this. In fact, there are threspecial attributes like this:

Typo here:three (missinge)

* ``IS_AUTHENTICATED_FULLY``: All "logged-in" users have this;* ``IS_AUTHENTICATED_REMEMBERED``: Similar to ``IS_AUTHENTICATED_FULLY``  but important if you're using :doc:`remember me functionality </cookbook/security/remember_me>`;

This is confusing, because users will not understand the difference. This should explain thanIS_AUTHENTICATED_FULLY isnot granted to people being logged-in by a remember me cookie (the one granted to everyone isIS_AUTHENTICATED_REMEMBERED)

@weaverryan
Copy link
MemberAuthor

Guys! Thanks so much for the review on this really long thing. What's cool is that we found several small tweaks where I had just copied and pasted old docs into a new location. In other words, we face-lifted some areas that I hadn't even intended to tweak.

The changes are at sha:5d842e2. The big one is the new "ips" access_control restriction spot, where I had to change the example entirely.

I have a few small comments still pending, but if you have any big blocker concerns, please let me know. Also, as Stof mentioned, the book is not showing up as a diff, so please realize that itdid change, and I'd appreciate notes on it. Here are my blockers:

  • Comments above from Stof (I ran out of time right now so could not process them yet)
  • XML+PHP code blocks
  • Waiting a couple of days to make sure there are no other big blockers, then merging and celebrating

... and then of course I'll merge up to the other branches and put the new version stuff back :D

@xabbuh
Copy link
Member

@weaverryan Thanks so much for this great work. I'll try to put some time into updated/syncing the code blocks in the next days.

<label for="password">Password:</label>
<input type="password" id="password" name="_password" />

<!--
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

use twig comments here

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

No. this is the PHP template. It should be a PHP comment, not a Twig one

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

In HTML+PHP templates, we always use HTML comments.

@weaverryanweaverryan merged commitfe9fdac into2.3Dec 31, 2014
weaverryan added a commit that referenced this pull requestDec 31, 2014
This PR was merged into the 2.3 branch.Discussion----------Completely re-reading the security book| Q             | A| ------------- | ---| Doc fix?      | no| New docs?     | no| Applies to    | all| Fixed tickets | n/aWell, this should be interesting :). Several years ago, I bootstrapped the security chapter and it's been there ever since. That fact doesn't necessarily mean that it was good. I've just re-read and basically re-written the chapter from scratch. I thought it was too long, too theoretical in the beginning, and it also had some extra "baggage" just from being old and having things added to it.My goal is to:A) Not actually remove anything of importance - I've done my best with thisB) Actually get feedback that this is better. I feel that this is better, but rewrites aren't automatically better. It's like the second album of a band - even though they're older and wiser, maybe the original is still better :). I hope not!Todo:- [ ] fill in config blocks -@xabbuh if you happen to have some time and can help, I would be even more in debt to you :)As I merge to 2.5 and up, I'll need to check for the `versionadded` tags on each branch and re-add those things to the new chapter.Thanks!Commits-------fe9fdac [#4606] Getting my XML (and PHP) on in the new security chapteraedfcd2 [#4606] Tweaks thanks entirely to stof614da15 Changing to _ for consistency95d6a7d [#4606] Updating thanks to comments from everyone!d9a9310 Completely re-reading the security book
weaverryan added a commit that referenced this pull requestDec 31, 2014
* 2.3:  [#4606] Getting my XML (and PHP) on in the new security chapter  [#4606] Tweaks thanks entirely to stof  Changing to _ for consistency  [#4606] Updating thanks to comments from everyone!  Completely re-reading the security book  Misc changes  [Cookbook] Fix XML example of RTEConflicts:book/security.rstcookbook/map.rst.inccookbook/security/index.rst
weaverryan added a commit that referenced this pull requestDec 31, 2014
* 2.5:  [#4606] Getting my XML (and PHP) on in the new security chapter  [#4606] Tweaks thanks entirely to stof  Changing to _ for consistency  [#4606] Updating thanks to comments from everyone!  Completely re-reading the security book  Misc changes  [Cookbook] Fix XML example of RTEConflicts:book/security.rst
weaverryan added a commit that referenced this pull requestDec 31, 2014
* 2.7:  [#4606] Getting my XML (and PHP) on in the new security chapter  [#4606] Tweaks thanks entirely to stof  Changing to _ for consistency  [#4606] Updating thanks to comments from everyone!  Completely re-reading the security book  Misc changes  [Cookbook] Fix XML example of RTE
@weaverryanweaverryan deleted the security-re-read branchDecember 31, 2014 03:24
@weaverryan
Copy link
MemberAuthor

Ok guys :). I've just added a few last commits for the last comments, merged this in, the merged it up the branches. I'mfairly convinced that the merges were clean - I manually looked at the log difference between new branches to make sure changes/additions on more-recent branches were not "run over" with the merge. But if you spot anything, please let me know!

Thanks again - I will probably trynot to completely rewrite chapters in the future, though I still think more need to be re-read (but many less than even 6 months ago thanks for a lot of people here).

wouterj added a commit that referenced this pull requestJul 21, 2015
This PR was merged into the 2.3 branch.Discussion----------review all Security code blocks| Q             | A| ------------- | ---| Doc fix?      | yes| New docs?     | no| Applies to    | all| Fixed tickets |#4606 (comment)As I promised@weaverryan I now found some time to review all the security-related code blocks. :)Commits-------9099cf2 review all Security code blocks
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

6 participants
@weaverryan@wouterj@stof@xabbuh@timglabisch@linaori
[8]ページ先頭
©2009-2025 Movatter.jp