Hi people,
http://search.cpan.org/~mramberg/Catalyst-Runtime-5.7001/lib/Catalyst/Manual/Tutorial/Authentication.pod
I was reading through the Authentication Tutorial in the Catalyst
documentation, and found something I believe could be a
security problem in applications using this approach. I guess you can
look at it as a typo too. :P
In the code for the auto:private it says:
# Allow unauthenticated users to reach the login page
if ($c->request->path =~ /login/) {
    return 1;
}
This regex will allow unauthenticated users to access restricted
pages and extract information.
If /admin/list/users is protected by the regex above, unauthenticated
users can access /admin/list/users/login, where the regex will match
only the "login" part of the path.
How to fix this? Easy! :) Change the regex from /login/ to /^login/ or
whatever location your login-form is. ('^' matches line start)
--
Kay Bærulfsen
_______________________________________________
List: [email protected]
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
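To make the difference between the two regexes concrete, here is a small stand-alone Perl script (added here; not code from the post or from the Catalyst tutorial) that runs the original check, the anchored fix from the post, and one further tightening over a few constructed request paths. It assumes, as Catalyst does, that `$c->request->path` holds the path without its leading slash.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample of what $c->request->path would hold for a few
# requests (Catalyst returns the path without the leading slash).
my @paths = (
    'login',
    'login/',
    'admin/list/users',
    'admin/list/users/login',   # the bypass described in the post
    'loginfoo',                 # hypothetical action whose name starts with "login"
);

# The check as it appears in the tutorial's auto action: an unanchored
# regex matches "login" anywhere in the path.
sub is_public_unanchored {
    my ($path) = @_;
    return $path =~ /login/ ? 1 : 0;
}

# The fix suggested in the post: anchor the regex at the start of the path.
sub is_public_anchored {
    my ($path) = @_;
    return $path =~ /^login/ ? 1 : 0;
}

# A further tightening (an addition here, not from the post): require the
# path to be exactly "login", optionally with a trailing slash, so that
# other actions whose names merely start with "login" stay protected.
sub is_public_exact {
    my ($path) = @_;
    return $path =~ m{^login/?$} ? 1 : 0;
}

for my $p (@paths) {
    printf "%-26s unanchored=%d anchored=%d exact=%d\n",
        "/$p", is_public_unanchored($p), is_public_anchored($p), is_public_exact($p);
}
```

Only the unanchored check reports /admin/list/users/login as public; the exact match additionally keeps /loginfoo protected, which the simple ^login anchor does not.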