If you read about the Key class (http://code.google.com/intl/cs/ appengine/docs/python/datastore/keyclass.html) you'll come across the fact that Key is defined by a few values: appid, kind, id/name, namespace, parent, etc. You would think that this is all good and well until you come to the fact that you can get the Key object encoded into a string which can be passed around the application (helpful when you're doing some stuff with TaskQueues). Now, sometimes it is useful to use the encoded key as a reference to something in a GET/POST request from the client. There's nothing wrong with that if you don't use the namespaces. However, when namespaces are used to separate the objects in the Datastore and you rely on the fact that the namespace_manager will manage the namespace for queries, things get complicated.
See, the encoded key can be decoded directly to a Key object and as such can have the namespace value defined. This means that if you use this Key to fetch an object from the Datastore the fetched object might be from other namespace as currently defined in the namespace_manager and should not be accessible. This is a potential vulnerability if you do not validate the namespace in the Key before using it. Did I got this right? Regards, Uros On Jan 26, 10:09 pm, tobik <[email protected]> wrote: > Google mentions some vulnerabilities when working with Namespaces: > > Note: An application that reads Keys, or other namespace-aware > objects, from untrusted sources (like the web browser client) > introduces security vulnerabilities. Applications that rely on keys > from untrusted sources must incorporate a security layer verifying > that the current user is authorized to access the requested > namespace.http://code.google.com/intl/cs/appengine/docs/python/multitenancy/mul... > > I'm not sure if I understand it correctly. What kind of > vulnerabilities does Google mean? Could you provide me some example, > what should I be careful about? -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
