Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: David Wheeler (dwheelerida.org)
Date: Wed Aug 22 2001 - 09:59:28 CDT
>That's why sites with only one entry point are easier to manage and easier to
>address their security (as in data-from-the-user issue.)
>One can use a MVC model, and have only one entry in the site to do the
>`dispatching'. That entry can do proper checkings and all.
That's a very reasonable approach, and often worthwhile for other reasons.
Unfortunately, I think that's less helpful when dealing with PHP's problems.
Starting from the single entry you'd "dispatch" to many different programs,
and unless all those programs carefully reset all variables (it's the
transitive closure problem), you're still vulnerable.
The front-end can make sure that only a given list of variables are
set, and that would help. However, what if a variable from that list is
set when one of the dispatchees wasn't expecting it from the outside?
In any case, this all requires unusual amounts of diligence.
Programming is hard enough without requiring superhuman feats of diligence
for common activities that are automatically secure in other languages.