W3C home > Mailing lists > Public > www-talk@w3.org > March to April 1996

Re: custom authentication functions

From: Mike Meyer <mwm@contessa.phone.net>
Date: Thu, 28 Mar 1996 21:32:35 PST
Message-Id: <19960328.7C253D0.135CE@contessa.phone.net>
To: www-talk@w3.org
> > The "e" flag to ps on BSD-based boxes will give you the environment.
> > To get it all, you want to use "ww" as well. I don't konw SysV boxes
> Right. I'd claim that's a bug in "ps", not a problem to work around in
> the CGI spec that's not even supposed to be UNIX-specific, actually. :-)

I wouldn't call it a bug in ps; ps's job is to give you information
about a process. That's part of the information. That you've chosen to
put information you'd rather not have public in a public area is a
problem in your design; much like a password changing program that
echos the password to the screen.

CGI needs a unix-specific hook to deal with this problem. On platforms
where the process environment isn't public knowledge - or where the
CGI variables aren't in the process environment - this isn't a
problem.

> I'd hate to see the fact that the only even-mildly-secure-yet-portable IPC
> under UNIX is pipes cause the CGI spec to have some grodiness like
> additional pipes open to the script just to pass "secure" information.

I haven't looked into solutions to this; I haven't needed them. The
only one I vaguely recall tried passing the authentication information
in a second argument (oops), then wind up feeding it to the CGI script
in front of the data.

> > > Fortunately, our webservers don't have any untrusted users logging in.
> > That depends on who you are trying to protect against,
> I'd also hate to see CGI be unusable with some languages just to keep

This problem doesn't require a change in CGI. CGI is for more than
Unix. Unix systems have to find another solution. Ignoring the problem
is one of them.

> I misspoke. I meant server there. I haven't found a server that would
> pass authentication to the CGI script.

At least two used to. They've both since been fixed to not do that to
avoid the security issues above.

	<mike
Received on Friday, 29 March 1996 00:40:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:19 GMT