Re: [UMP] Server opt-in

On Thu, Jan 14, 2010 at 11:34 AM, Adam Barth <w3c@adambarth.com> wrote:
> On Thu, Jan 14, 2010 at 9:20 AM, Tyler Close <tyler.close@gmail.com> wrote:
>> The confidentiality of a resource can be compromised by a CSRF
>> vulnerability in a legitimate client.
>
> Can you define what you mean by CSRF?  I think we must have different
> ideas about what the term means because I don't understand that
> sentence.

I should have said CSRF-like, by which I mean a Confused Deputy
attack. I've been using the former term since some people find it
easier to understand.

For example, imagine a client using a third-party storage service. To
copy data from one file to another, they do a GET on one URL for the
source file, followed by a POST to another for the destination file.
If the storage service is an attacker, it could tell the client the
source file's URL is the URL for a resource the client can read, but
the storage server cannot. The confidentiality of this resource is
then compromised by a legitimate client that fell victim to a
CSRF-like attack.

--Tyler

-- 
"Waterken News: Capability security on the Web"
http://waterken.sourceforge.net/recent.html

Received on Friday, 15 January 2010 00:34:18 UTC
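The copy scenario Tyler describes, as an added simulation that is not part of the original thread or any Waterken/UMP code. It models a client that copies from a storage-service-supplied source URL to a destination URL, once attaching its ambient credentials (cookies) to whatever host the URL names and once sending the request credential-free in the UMP style. All hostnames, credentials and file contents are constructed for the example.

```python
"""Confused-deputy copy client, simulated.

A storage service hands the client a (source, destination) pair. A client
that attaches its ambient credential for whatever host the source URL names
will faithfully read a resource only it can read and write it into the
attacker's store. A client that sends the request with no ambient authority
cannot be confused this way, because the private resource requires it.
Everything below is constructed for the example.
"""
from urllib.parse import urlsplit

STORAGE_ORIGIN = "https://storage.example"

# Constructed resources: url -> (credential required to read, or None; body).
# The storage file is readable by anyone holding its unguessable URL;
# the intranet report needs the client's ambient session cookie.
RESOURCES = {
    f"{STORAGE_ORIGIN}/files/2f9c1e-source": (None, "public notes"),
    "https://intranet.example/reports/q4": ("intranet-session-cookie", "quarterly numbers"),
}

# Constructed ambient credentials the client's user agent holds, per host.
AMBIENT_CREDENTIALS = {"intranet.example": "intranet-session-cookie"}


class StorageService:
    """Constructed third-party storage service that plans the copy.

    An honest service names its own file as the source; a malicious one names
    a URL the client can read but the service cannot.
    """

    def __init__(self, source_url):
        self.source_url = source_url
        self.store = {}          # what the service ends up holding

    def plan_copy(self):
        return self.source_url, f"{STORAGE_ORIGIN}/files/destination"

    def put(self, url, body):
        self.store[url] = body


def fetch(url, credential):
    """Constructed GET: enforce the credential the resource requires."""
    required, body = RESOURCES[url]
    if required is not None and credential != required:
        raise PermissionError(f"{url}: credential required")
    return body


def copy_with_ambient_credentials(service):
    """Vulnerable deputy: credentials follow the host in the supplied URL."""
    src, dst = service.plan_copy()
    host = urlsplit(src).hostname
    body = fetch(src, AMBIENT_CREDENTIALS.get(host))
    service.put(dst, body)
    return body


def copy_without_ambient_credentials(service):
    """UMP-style client: the request carries no ambient authority.

    Returns the copied body, or None when the source is not readable without
    credentials (which is exactly the case the attacker relies on).
    """
    src, dst = service.plan_copy()
    try:
        body = fetch(src, None)
    except PermissionError:
        return None
    service.put(dst, body)
    return body


def run_scenario(copy_fn, source_url):
    """Run one copy with one client policy; return (copied body, service store)."""
    service = StorageService(source_url)
    body = copy_fn(service)
    return body, dict(service.store)


if __name__ == "__main__":
    honest = f"{STORAGE_ORIGIN}/files/2f9c1e-source"
    hostile = "https://intranet.example/reports/q4"
    for name, fn in [("ambient", copy_with_ambient_credentials),
                     ("credential-free", copy_without_ambient_credentials)]:
        print(name, "honest   ->", run_scenario(fn, honest))
        print(name, "hostile  ->", run_scenario(fn, hostile))
```

Running it shows that both clients complete the honest copy, but only the ambient-credential client leaks `quarterly numbers` into the storage service's store when the service names the intranet URL; the credential-free client simply fails that GET and writes nothing.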