| dharana 2005-04-07, 5:58 pm |
|
Gregory (Grisha) Trubetskoy wrote:
>
> With this implementation - is there still any advantage to usnig a DBM
> at all?
>
> I still think that security needs to be addressed slightly better -
> perhaps explicitely setting permissions - perhaps putting sessions in a
> subdirectory only readable, writable and executable by apache user would
> make it a bit cleaner. The current mod_python DBMSession does not
> explicitely set permissions which is a problem. (though inserting a bad
> pickle into dbm is slightly harder than just just writing a file and
> then calling a url that you know will cause mod_python to attempt to
> unpickle it)
>
> Also, I don't see any locking here, I think it's needed.
I used tempfile.gettempdir() in order to send you the patch because this
was the style used by DbmSession. So what would be the correct thing to do?
- check that it's only readable/writable by the apache user
- check that the passed sid passes /^([a-f0-9]{32})$/
If you want me to I can make cPickler use protocol 2, add locking and
those extra checks and send back the updated file. If someone more
skilled than me prefers to do it just tell me.
|