
Re: Security fix that started all this

On 9/8/06, David Van Ginneken <..hidden..> wrote:

On 9/8/06, Tony Fraser < ..hidden..> wrote:
On Fri, 2006-09-08 at 15:43 -0400, Christopher Murtagh wrote:
>  The plan is to move all the files in users/ into a central database,
> and the same for user modified templates and css. The advantages this
> has are:

OK, so where do you plan to store the DB authentication information? Or
do you plan to give every user their own DB account? Or do you plan to
just have one DB account for all the companies in an installation?

> - the server doesn't need file permissions anywhere anymore

I'm not a big fan of this situation either.

> - a goof in an apache config won't expose members or username.conf

That's why I always move the userdir outside of the web root.

> - portability issues in dealing with filesystems (allowed chars, case,
> etc..) are all gone

That would be nice. But moving the info into the DB isn't necessarily
the solution.

> Also, we can move to a pluggable authentication and support other
> mechanisms (LDAP, Basic HTTP Auth, Kerberos, etc..) and store user
> data in the db.

The question still stands: Do we really want server side _per session_
or was it just the way that seemed easiest to solve the problem at hand?

Tony Fraser
Sybaspace Internet Solutions                        System Administrator
phone: (250) 246-5368                                fax: (250) 246-5398

Ledger-smb-devel mailing list

Your approach is interesting.  I'm not sure it is doable since (if I am understanding it correctly) it requires every link to be the result of a posted form.  All of the menu links would not work correctly.
You still would be able to pass the sessionid around in the URL to rid the need for cookies. Similar to how the timestamp was done in the past.  But we could remove the timeout & login information and keep that server side.

Just tossing out some thoughts :)

Oops, missed the list.
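The layout David's reply sketches, an opaque sessionid carried in the URL while the login identity and timeout stay on the server, can be shown as a small session store. This is an added example, not code from the thread or from LedgerSMB; the class, function and parameter names (`SessionStore`, `session_from_url`, `idle_timeout`) are hypothetical, and the sample URLs are constructed.

```python
"""Server-side session store: the client carries only a random session id.

The URL (or cookie) contains nothing the server trusts except the id itself,
so editing the query string cannot extend a timeout or change the login.
"""
import secrets
import time
from urllib.parse import parse_qs, urlparse


class SessionStore:
    """Keeps login and last-activity time server side, keyed by a random id."""

    def __init__(self, idle_timeout=900, clock=time.time):
        self.idle_timeout = idle_timeout   # seconds of inactivity before expiry
        self.clock = clock                 # injectable clock, used by the test below
        self._sessions = {}

    def create(self, username, company):
        # 32 random bytes, URL-safe: unguessable and safe to put in a query string.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {
            "user": username,
            "company": company,
            "last_seen": self.clock(),
        }
        return sid

    def lookup(self, sid):
        """Return the login bound to sid, or None if unknown or idle too long."""
        rec = self._sessions.get(sid)
        if rec is None:
            return None
        now = self.clock()
        if now - rec["last_seen"] > self.idle_timeout:
            del self._sessions[sid]      # expired: forget it server side
            return None
        rec["last_seen"] = now           # activity refreshes the idle timer
        return {"user": rec["user"], "company": rec["company"]}

    def destroy(self, sid):
        """Logout: drop the server-side record so the id is dead everywhere."""
        self._sessions.pop(sid, None)


def session_from_url(url, store):
    """Pull the sessionid parameter out of a URL and resolve it server side.

    Any other parameters (e.g. a stray login= or timeout=) are ignored: the
    only client-supplied input that matters is the opaque id.
    """
    params = parse_qs(urlparse(url).query)
    sids = params.get("sessionid", [])
    if len(sids) != 1:
        return None
    return store.lookup(sids[0])


class FixedClock:
    """Manually advanced clock so expiry can be exercised without sleeping."""

    def __init__(self, start=1000.0):
        self.t = start

    def __call__(self):
        return self.t


if __name__ == "__main__":
    clock = FixedClock()
    store = SessionStore(idle_timeout=60, clock=clock)
    sid = store.create("alice", "acme")
    url = "https://example.invalid/login.pl?action=menu&sessionid=" + sid
    print(session_from_url(url, store))        # bound login
    clock.t += 61
    print(session_from_url(url, store))        # None: idle timeout hit
```

The idle timer is refreshed on every successful lookup, so a user who keeps clicking menu links stays logged in, while a copied URL stops working once the server-side record expires or is destroyed at logout.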