Movatterモバイル変換

cgi security

• Previous message (by thread):cgi security
• Next message (by thread):cgi security
• Messages sorted by:[ date ][ thread ][ subject ][ author ]

On Tue, 3 Apr 2001 08:59:09 +0100, Robin Becker <robin at jessikat.fsnet.co.uk>wrote in comp.lang.python in article <CnJ4eIANLYy6Ewi7 at jessikat.fsnet.co.uk>::Are there any possible break ins in lib/cgi.py that someone malicious:could exploit? The classic exploits seem quite hard to find in python:code unless people start using fixed length buffers etc, but are there:other opportunities (perhaps more pythonic)?I'm quite interested in the topic of cgi security myself, lately. I'm workingon a script that I will probably release, and I want to cross my t's and dotmy i's.Browsing the web and researching this topic a bit, it seems that a primaryrule, is to CHECK ALL USER INPUT. Or at least, don't make it possible forsystem calls to use user input.I'm writing a form-mail script, and I have two questions right now:(1) I have my script use the rfc822 module to assemble my e-mail message. Therfc822 already has some functions for dealing with e-mail message headers. Forinstance, it has functions that will search for a particular header-field byname (such as "To"), and return the addresses in that field.One thing, that seems to be important (?) is to check that at least the e-mailaddresses input by users are in the correct e-mail format.I was looking at the rfc822 module code a bit tonight, and I'm thinking:Is this really going to that much trouble, to assure that the addresses are inproper format, or is it just accepting that the input is probably not errorridden? (After all, that module is written for parsing supposedly rfc 822compliant email...not really for security checks.) I was wondering, if Ishould incorporate the regex recommended here:http://www.aota.net/ubb/Forum17/HTML/000043-1.html(It looks horrible, and I don't really "get" regular expressions. I understandthe basic concept of a regex ok, but have always avoided working with them.They've never been necessary for anything I've had to do.)(2) I'm trying to write my script so that is can use either sendmail, ifavailable, or else the smtplib module. The smtplib module already bombs if itgets a badly formatted mail, so I'm not too worried about that. I guess, onehas to be careful on unix-type systems, because the devices and programs arebasically accessed by "opening a file", and if textis the identifier pointing to a supposedly properly formatted email that Iwant to sendandPathToSENDMAIL is a identifier pointing to a string with the path to sendmail,then I can send a message as follows:f = open(PathToSENDMAIL + ' -t', 'w')f.write(text)f.close()I'm thinking this should be fairly secure, since sendmail has already beentold that the "text" that is coming next is a message, and not something thatcould possibly be executed?I suppose if I don't want that to bomb, I need to carefully check the composedmessage and make sure that it is formatted correctly?Thanks for any help,--Sheila Kinghttp://www.thinkspot.net/sheila/http://www.k12groups.org/

• Previous message (by thread):cgi security
• Next message (by thread):cgi security
• Messages sorted by:[ date ][ thread ][ subject ][ author ]