> anyway, you have been warned by lots of people on why you don't want to d= > o > this. i repeat their warnings. with exclamation points. on the other h= > and, > sometimes there is just no other way to get the job done...
Ok, I won't do it this way. > 3. write a daemon that sits on a socket. the daemon runs as root (or wh= > atever > user you need it to run as). clients (your CGI program) make socket= > connections > to the daemon, authenticate themselves as necessary, and make the re= > quest, > the daemon performs the necessary operations and returns the reply v= > ia the > socket. > > this makes the cracker's job a little more difficult since a buffer = > overflow needs=20 > to first work without killing the CGI program, and then when it runs= > in the daemon, > it's probably not going to be interactive, so a buffer overflow payl= > oad would have > to be complete and self-contained in one request. Easy enough to protect against a buffer overflow. I could even encrypt messages passed back and forth. This is probably the best suggestion. > > hmmm, i'm curious, how do you become administrator temporarily using ISAP= > I? =20 > you have to provide a password (which is probably embedded in your exe)? = > or there is=20 > something like the suid bit which can be set so that no passwords need to= > be embedded=20 > in programs. embedding administrator or root passwords in programs is a = > VERY bad=20 > thing. even file access controls (e.g., u+x, og-rwx, windows or linux) a= > ren't going to help=20 > you if someone can boot with a floppy and copy the binary to floppy and s= > trip the strings=20 > out at leisure. Actually, IIS under Windows, already runs as a super user, however, system privileges are disabled by default for security reasons. Performing super user tasks just requires accesing a security token from the curent thread, requesting a system privilege task on the token (i.e. changing the system date or rebooting the system), and adjusting the security's token privileges to perform the task as superuser/administrator. Once the task is complete, the privileges can be adjusted back to normal if further processing is needed, or you can simply exit the ISAPI function which will in turn terminate the thread and destroy the adjusted security token. >>4. use a nicer language if you can. ian prefers perl. i prefer php. i= >>f you must do it in C/C++, spend just as much time at auditing and securing the code a= >>s in writing the basic functionality. Isn't WEBMIN written in one of those languages? If I'm not mistaken, WEBMIN requires su privileges since it alters configuration files. Might be interesting to see how they approached the problem. Anyway, I have to admit, not too many people use C/C++ for web programming, which makes me wonder if I really have made the right choice. I've seen a few websites use it, but only for tasks that need to run very fast such as ebay's search facility or NASDAQ's symbol lookup. Of course we have our own reasons for using C/C++: a) It is truly multi-platform - logic we write can be used for web, gui, services, daemons etc... on any platform b) It is very simple to deploy. Since there is no need to install anythng else additional, most of the time, maintenance and tasks such as rebuilding servers is simplified. c) Code reuse - code/libraries I wrote ten years ago using OCI, DBLIB, encryption, customized data structures are still being used today. Ten years ago, it was in the form of DLL's used by MFC/OWL/Delphi and PowerBuilder apps. Five years ago, I was using it with Windows Services and Socket Server apps. Just recently, I use it for Windows/Linux/Solaris/FreeBSD via CGI. I have also used it against GTK and WIN32 GUI apps. The investment in code is never wasted. d) Flexibility - C/C++ allows us to expand the capabilities of our applications without too much fuss. There is always a way when you use C/C+ (i.e. device drivers, system hooks etc..). e) SDK/API availability - Applications we are working on, or have deployed, such as Telephony, Smart Cards, and even a gasoline pump interface always comes with a C/C++ library/API. An interface to other languages is usually only secondary. f) It is fast! - If you have ever written a polished pure C GUI app or have ever accessed Oracle using OCI in a compiled ISAPI/CGI binary, and have compared it to programs created with other tools then you know what I'm talking about. You get the kind of robust/crisp feeling one gets when driving a 911 or a TypeR Acura. g) The resulting binary is small - We are currently migrating an ASP web application consisting of about 500 ASP pages into C++. The result was four CGI binary files at about 100 to 150K in size. When we deploy, we only deploy four binary files and it will run on a minimal installtion of IIS or Apache. No special software needed (i.e. ADO, JAVA SERVERS etc..). I must say though, that C/C++ probably isn't the way to go when developing websites, due to its dynamic nature, however, I do recommend it for application development. For systems development, there is no question! I mean, can you imagine if GNOME was written in JAVA or if Apache was written in VB? _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
