Re: Reviewing security parameters
From: exon (exon home.se)
Date: Fri Apr 16 2004 - 13:39:18 CDT
Simon Lemieux wrote:
> Hi there,
> I just composed a login page for my administration of my website.
>
> I just wanted to make sure I had taken everything into consideration when
> programming that php script. My main focus is, of course, security.
>
> At first a login variable is initialized with "guest" in it. If the
> whole script fails or if the user was not granted access, it will return
> "guest". It is then the duty of the index.php (that called my login
> script) to check what login was returned and take action if it was
> "guest", like refusing all access. But as you see the script is also
> designed to let a guest come in and still use some things.
>
> Guest access is denied on my administration page of course.
>
> The script checks if it was run using SSL. If not it will automatically
> return the "guest" user and will print a link to the same page with
> https://... So it always authenticates users with SSL.
>
> Also, the inputs the user will send to login are the form's _REQUESTs
> that contain login and password and then the input becomes a COOKIE
> which contains a random ID. All these inputs are checked to see if they
> are trustable; they must contain only letters and numbers, I've also
> allowed some punctuation but no " or '...
>
> The Cookie ID is a string of 32 characters given randomly and stored in
> a login database with the user's IP address and user ID.
>
> So I check to see if both ID and IP match the user's.
>
> At any point if the Cookie contains wrong information or if it contains
> untrustable characters, the user is disconnected (ie. all login records
> are closed and user will have to re-auth).
>
> Logins, disconnection, bad login/passwords, untrustable characters are
> reported in a Log database.
>
> Do you guys think this script is safe?
>
If you post it I might be able to tell you. If you don't, then there's
no way of telling if the script is safe or not. It sounds like you're
thinking in a good direction, but until I see the code I can't really be
of more help than that.
> Thanks,
> Simon
>
You're welcome.
/Andreas
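
The flow described in the quoted message (start as "guest", refuse to authenticate without SSL, allow-list the cookie format, match both ID and IP, close the login record on a mismatch), as an added example that is not part of the original thread and is not Simon's script. The in-memory `$sessions` array, the function names and the sample addresses are assumptions standing in for his login database.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for the login database: session ID => [user, ip].
$sessions = [];

// Issue a 32-character ID from the CSPRNG (16 random bytes, hex-encoded).
function issue_session(array &$sessions, string $user, string $ip): string
{
    $id = bin2hex(random_bytes(16));
    $sessions[$id] = ['user' => $user, 'ip' => $ip];
    return $id;
}

// Resolve a request to a login name. Every failure path returns "guest".
function resolve_login(array &$sessions, bool $https, ?string $cookie, string $ip): string
{
    $login = 'guest';                      // fail closed: default identity
    if (!$https || $cookie === null) {
        return $login;                     // never authenticate over plain HTTP
    }
    // Allow-list the cookie format before it is used as a lookup key.
    if (preg_match('/\A[0-9a-f]{32}\z/', $cookie) !== 1) {
        return $login;
    }
    if (!isset($sessions[$cookie])) {
        return $login;                     // unknown or already closed ID
    }
    $record = $sessions[$cookie];
    if ($record['ip'] !== $ip) {
        // Valid ID presented from a different address: close the login
        // record so the user has to re-authenticate.
        unset($sessions[$cookie]);
        return $login;
    }
    return $record['user'];
}

// Constructed sample data (documentation address ranges, made-up user).
$id = issue_session($sessions, 'simon', '192.0.2.10');
var_dump(resolve_login($sessions, true, $id, '192.0.2.10'));        // matching ID and IP
var_dump(resolve_login($sessions, false, $id, '192.0.2.10'));       // request not over SSL
var_dump(resolve_login($sessions, true, 'abc"def', '192.0.2.10'));  // disallowed characters
var_dump(resolve_login($sessions, true, $id, '198.51.100.7'));      // IP mismatch, record closed
var_dump(resolve_login($sessions, true, $id, '192.0.2.10'));        // same ID after the record was closed
```

The caller still has to treat "guest" as unauthenticated on every administrative page, which is the duty the quoted message assigns to index.php.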