Idea for improving Security against CSRF - Joomla! Forum - community, help and support


hi everybody,

according to http://groups.google.com/group/joomla-d ... 4971fea503 I am thinking about improving Joomla's security against CSRF. maybe it's nonsense, but let's talk about it.

the first problem is: every executing function (like saving, deleting, updating...) is called directly via GET parameters and fed with data. why not call the executing functions through a "taskmanager"?
here is a description of the "taskmanager":
when calling a form, a new task is created (using the taskmanager's api) and filled into the database. the task includes information about the user, component, task, time, hash-value and so on. when sending the form, the form data is not sent to the executing function of the used component directly, but to the taskmanager: "option=com_taskmanager&task_id=555". the taskmanager compares the submitted hash-value, checks if the task is within the given time limit and if the user is allowed to perform the task. if everything is ok, the submitted data is led to the executive function of the destined component.

in a system using the taskmanager a hacker would have to guess a valid task-id, the corresponding hash-value and the function the given task is leading to when addressing the executive function. i think this makes csrf impossible because afaik it is impossible to read data of a window or frame from another domain with javascript, jscript or other script languages executed on the client (server-side script languages create a new session, and ajax requests are limited to one domain). so neither the task-id nor the corresponding hash-value is available for a two-step hack.

the second problem is: webmasters are working with (super-)administrator accounts while doing simple things like writing articles... so every hack on the webmaster's session is a hack with full rights. it would be more secure when adding a kind of root level like on unix or linux systems. that means: the super-administrator logs in and works as usual until he needs a critical function like installing addons, uploading files, adding new users and so on. these tasks need to be done on root level. with the described task-manager it would be possible to change the level by asking for the admin's password when executing the task. for time-consuming jobs like installing an amount of addons a solution to go on root level for a limited time would help. instead of logging off when surfing on other websites it would be enough to log out from root level.

maybe this idea is worth working on, maybe not ;)

ciao b2m
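
The task-manager flow proposed in the post (task registered when the form is rendered, hash-value / time-limit / user checks on submission, critical tasks gated behind a password-protected root level) as an added example; this is neither code from the post nor from Joomla, and it is written in Python rather than Joomla's PHP to keep it self-contained. The time limits, the set of critical tasks, the `check_password` callback, and one-time consumption of a task are assumptions not stated in the post.

```python
import hmac
import secrets

TASK_TTL = 600   # seconds a pending task stays valid (assumed limit)
ROOT_TTL = 900   # seconds an elevated "root level" lasts (assumed limit)
CRITICAL = {"install", "upload", "adduser"}  # tasks that need root level (assumed set)

class TaskManager:
    def __init__(self, check_password):
        self.check_password = check_password  # assumed callback: (user, password) -> bool
        self.tasks = {}        # task_id -> record (the post's task database)
        self.root_until = {}   # user -> timestamp until which root level is active
        self._next_id = 1

    def create_task(self, user, component, task, now):
        """Called when a form is rendered: register the intended action and its hash-value."""
        task_id, token = self._next_id, secrets.token_hex(16)  # unguessable hash-value
        self._next_id += 1
        self.tasks[task_id] = {"user": user, "component": component,
                               "task": task, "time": now, "hash": token}
        return task_id, token

    def elevate(self, user, password, now):
        """Enter root level for ROOT_TTL seconds after the admin re-enters the password."""
        if not self.check_password(user, password):
            return False
        self.root_until[user] = now + ROOT_TTL
        return True

    def leave_root(self, user):
        """Log out from root level only; the normal session stays alive."""
        self.root_until.pop(user, None)

    def dispatch(self, task_id, submitted_hash, user, now):
        """Validate a submitted form: return (component, task) to execute, or a reason string."""
        rec = self.tasks.get(task_id)
        if rec is None:
            return "unknown task"
        if not hmac.compare_digest(rec["hash"].encode(), submitted_hash.encode()):
            return "hash mismatch"             # forged or guessed form
        if now - rec["time"] > TASK_TTL:
            del self.tasks[task_id]
            return "expired"                   # outside the time limit
        if rec["user"] != user:
            return "wrong user"                # task was created for another session
        if rec["task"] in CRITICAL and self.root_until.get(user, 0) < now:
            return "root level required"       # stays pending until the admin elevates
        del self.tasks[task_id]                # one-time use: replaying the same id fails
        return (rec["component"], rec["task"])
```

A forged cross-site form cannot pass `dispatch` because the attacker's page cannot read the `task_id`/hash pair issued to the victim's session, which is the property the post relies on.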