One point that I thought was clear, but that there seems to be some confusion about: most web applications are not a single application, but a series of smaller applications working together. (This site, for example, uses "newreply.php" and "showthread.php" among others; consequently least privilege and RBAC apply even though they may be subcomponents of the same web application.)

chsh, what part of "I do not wish to argue this point with you further" was unclear? You're trolling, that much is clear. You made a point about how minimizing exploits was not the right approach, then flip-flopped after it was pointed out that is all any security mechanism does.
Clearly nothing more can come of this conversation with you. You have made your points and I mine; the readers can decide what they think has value without drawing this out in a round and round conversation.

1. The proposal I made in no way prevents database indexing.
2. The first line of defense starts with the operating system and should be containment. For the scope of this article, however, it is frequently impractical to apply universal data sanitation to an existing product, especially in an easily auditable manner.
3. Exactly. Unfortunately these are not always available to users, especially at the shoestring level.
4. True, but unfortunately most web applications out there operate in this manner, and it is simply not feasible for users to rewrite these elements.
5. Also true, however my suggestion was merely to aid confidentiality for specific applications where the security requirements outweighed the performance requirements.

Proper analysis and design are important, but again beyond the scope of a shoestring document. Hell, the best way to go (with no regard for required resources) is likely to be using a high assurance OS and a high assurance RDBMS with NIC or router level dencryption of secured objects. How useful would that tutorial be?