How does having 3 different copies of the ID help when all 3 can be modified by the end-user?
If someone is even moderately interested in deleting records from the db, the fact that there's 3 fields to change instead of 1 doesn't raise a significant barrier. Anything in a form, url, or cookie can be manipulated by the end user with little trouble. There are many ways of making things more secure, but they all boil down to checking the presented security credentials in the same request as the delete. So if the user needs to be in role "X" to delete from the db, check that they're still in role "X" as a verification before you delete. I mean, you can fire your administrator but if they've still got an active session on a browser (or even worse, a persistent client variable that keeps them "logged in") your new permissions (not in role "X" anymore) will be ignored and they can go delete at will before they pack their things and go... Regards, John Paul Ashenfelter CTO/Transitionpoint [EMAIL PROTECTED] ----- Original Message ----- From: "Michael Traher" <[EMAIL PROTECTED]> To: "CF-Talk" <[EMAIL PROTECTED]> Sent: Tuesday, September 16, 2003 10:51 AM Subject: RE: Best method for securely deleting a record > One possibility if you are concerned about the ID being tampered with, > is to send it in several different ways and compare them all in the > action page, hidden field, url and if possible create a form field whose > _name_ contains the id. A tampered is less likely to change all > instances. If any do not match reject the delete. > > Michael Traher > Systems Manager > ICLP (London) > > > -----Original Message----- > From: Angel Stewart [mailto:[EMAIL PROTECTED] > Sent: 16 September 2003 15:39 > To: CF-Talk > Subject: Best method for securely deleting a record > > Hey all, > > I've done this many times before, but I am now doing an application > where I need to be a bit more careful with regards to security. > > What's the best way to delete a record? > > When you Insert a record that's fine..no trouble there. > > Updating? You could forward the ID as a Form field, and again there's > not a real issue. > > But deleting. > Don't want to pass the ID as a URL, so it can't be done from an HREF > link. > > What's the best way to do this from a single form, perhaps the same form > that performs the Modify feature. > > Is it ok to pass an ID for a record to be deleted in the Form scope? > OR could the ID be set as a temporary Session variable that the delete > action section would detect and perform the delete on. > > How do you all handle this? > > -Gel > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm
