rfc:taint
rfc:taint [2008/07/08 00:04] – wietse | rfc:taint [2014/04/08 22:51] – Inactive levim | ||
Line 1: | Line 1: | ||
====== Taint support for PHP ====== | ====== Taint support for PHP ====== | ||
- | * **Author:** Wietse Venema (wietse@porcupine.org) \\ IBM T.J. Watson Research Center \\ Hawthorne, NY, USA | + | * **Author: |
* **Version: | * **Version: | ||
* **Source code:** [[ftp:// | * **Source code:** [[ftp:// | ||
Line 7: | Line 7: | ||
* **Mailing list: ** [[http:// | * **Mailing list: ** [[http:// | ||
* **Miscellaneous: | * **Miscellaneous: | ||
- | * **Status: | + | * **Status: |
+ | * **Update:** A pecl extension implemented: | ||
===== Introduction ===== | ===== Introduction ===== | ||
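Review bot: the new "Update" entry added below the Status line reads "A pecl extension implemented:", which is ungrammatical and does not name the extension in the line itself; suggest "A PECL extension implementing this RFC is available:" followed by the extension's name and a link in the same form as the existing "Source code" entry, and make sure the reworded Status entry above it stays consistent with that update.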
Line 41: | Line 42: | ||
At this point I can either leave taint support turned on as a safety net in case someone introduces new mistakes into the PHP script, or I can disable taint support altogether. The run-time performance will not differ measurably, as long as the application does not trigger any alarms. | At this point I can either leave taint support turned on as a safety net in case someone introduces new mistakes into the PHP script, or I can disable taint support altogether. The run-time performance will not differ measurably, as long as the application does not trigger any alarms. | ||
- | |||
===== Introducing multiple flavors of taint ===== | ===== Introducing multiple flavors of taint ===== | ||
Line 50: | Line 50: | ||
To encourage programmers to use the RIGHT conversion function, I have implemented multiple flavors of taint. Each time data enters a PHP application from the web, from database or from elsewhere, it may be " | To encourage programmers to use the RIGHT conversion function, I have implemented multiple flavors of taint. Each time data enters a PHP application from the web, from database or from elsewhere, it may be " | ||
- | In the case of the buggy example program, data is marked as " | + | In the case of the buggy example program, data is marked as " |
The table below summarizes a number of taint flavors: it shows where a specific flavor may be added to data, where its presence may raise warnings, and how you get rid of the taint flavor. Please ignore the ugly TC_XXX names for now. That's low-level stuff that still needs to be hidden behind a user interface. | The table below summarizes a number of taint flavors: it shows where a specific flavor may be added to data, where its presence may raise warnings, and how you get rid of the taint flavor. Please ignore the ugly TC_XXX names for now. That's low-level stuff that still needs to be hidden behind a user interface. | ||
Line 63: | Line 63: | ||
The TC_SELF flavor is different from the other flavors. Instead of code injection, its purpose is to detect opportunities to hijack control over the PHP application itself. Currently, there is no conversion function that makes all data safe as input for " | The TC_SELF flavor is different from the other flavors. Instead of code injection, its purpose is to detect opportunities to hijack control over the PHP application itself. Currently, there is no conversion function that makes all data safe as input for " | ||
+ | |||
===== What has been implemented sofar ===== | ===== What has been implemented sofar ===== | ||
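Review bot: the only change in this region is a blank line inserted before the heading; while touching this spot, the heading "What has been implemented sofar" should read "so far" (two words).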
rfc/taint.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1