Join Bill Weinman for an in-depth discussion in this video security issues, part of Using Perl/CGI Scripts.
- Now that you know how to download CGI scripts from the internet and install them on your server, it's worth talking a little bit about security issues. Let me start by saying that I am not, I don't consider myself an expert on computer security. That's a whole field in itself and a very, very intricate and complex field, and yet, that said, I've had a pretty good record with my own servers, in not having them broken into for a number of years, and I do certain things to try and prevent that from happening.
But it's important to recognize that security is always a trade-off. Whenever you connect a computer to a worldwide network, no matter what you do, there's always going to be some vulnerabilities. And so, you need to take an assessment of the risk. You need to say, what are the risks? What are the potential exposures, and how much time and effort and headache and worry and money, ultimately, is it worth to mitigate those risks? And these are questions that only you can answer.
Like, for example, with the counter program, it's possible for somebody to set up a webpage someplace else that connects to that counter program and increments the number. Now, there are some things you can do to make that more difficult for the external people to hijack that script, and there are more severe measures that you can make to make it even more difficult than that, and these cost incrementally more time and money and experience and effort, and there's always the risk that somebody will get around those protections.
So, your counter script, you know, how much effort is it worth to prevent that from being hijacked? What are the costs of that happening, and how much effort is it worth to prevent that? And how much effort is it going to be worth on somebody else's part to, you know, what benefit do they get out of it? Although sometimes it's just for the fun of it. So, these are the kinds of things that you want to think about. On the other hand, perhaps you have a program like the old MSA FormMail script, the Matt's Script Archive FormMail script, which is notorious on the internet for being hijacked, because as we noticed, the form fields are sent over the clear when we send a post or a get from a form, and so, if a script like the old FormMail script from Matt's Script Archives actually encodes the e-mail address in the form data in a hidden field, it would be easy and beneficial for somebody outside of your server to go ahead and code say a long list of addresses that they want to send an advertisement to and hijack that script to send off their spam.
And that is actually one of the largest security holes on the internet. I saw one survey that said that was the third largest security problem on the internet today, right behind a couple of the biggest viruses, like Code Red. So, there are various types of exposure, and so, when you install CGI scripts that come from a source other than yourself, or somebody who is responsible to you, like a hired programmer, you are taking risks. Even when you install my scripts, you are taking a risk, because ultimately you are the one that's going to have to be responsible for the consequences of what happens on your server.
So, think about those risks. Assess what the potential risks are, what the potential costs are, what sorts of things you can do to mitigate them and how much that costs, and balance it out and think about that. So, here's a little list of some of the things that can go wrong. Form submissions can come from anywhere. We just talked about that, in the case of the FormMail problem. Malicious hijacking of CGI scripts is rampant. Well, especially that one particular CGI script, and people have actually written robots to look around the internet for that particular script and hijack it when they find it.
Badly-written code can subject your server to hacking, the hacking in the sense of the bad things that people do. Hacking, you know, has two meanings. Some of us who have been programming for a long time used to call ourselves hackers in a very positive sense, in that we could go in and do all kinds of clever and wonderful things in obscure pieces of code, but in a good way, not in a bad way. As the superhero says, use your superpowers only for good and not for evil. But there are people who use their hacking skills for evil, and so, if your code is written particularly badly it may open your...
But again, if you've got your website backed up and somebody gets into your web server and changes it and puts up some weird message, and you've got it backed up and you can just restore it. It's inconvenient, but is it worth thousands and thousands of dollars of a security audit from a professional to prevent that? Well, only you can really decide. On the other hand, if you're storing credit card numbers on your server and you're taking orders, then security becomes a bigger issue, but, of course, you've probably got the revenue to deal with it also.
So, these are the kinds of things you want to think about. And the final one is tainted data, and this is an interesting and slightly obscure subject. It may be a little bit abstract for some of you. It might take a little bit of effort to wrap your brain around this. But what it means is that data that comes from the outside world is considered tainted. If you've got a form on your website and I can come along and type things into that form and that form gets submitted to your server, which then processes that data in some way, that data is considered tainted.
And so, you need to be careful what you do with tainted data. Are you going to pass it directly to a command line program, like the infamous Sendmail? Well, there are people who know exactly what sorts of characters to put into data that's going to be passed to Sendmail that will grant them access to things like the password file on your computer. So, tainted data is something to think about, especially if you're writing CGI programs, but even if you're installing them and you know that this program is going to be used in ways that may expose tainted data to something powerful, you might want to hire a consultant, somebody who knows about these things for a couple hundred bucks, to look at it and say, is this okay? And, of course, Perl has some facilities built in for looking at the way that tainted data is used, and you might want to see if it's got that capital T on the shebang line, which would tell it to check for tainted data and the bad ways that tainted data can be used.
So, these are some of the problems that you might think about, and in the next lesson, we're going to talk about some of the things that you can do to mitigate those problems in your installations and in your server.
Download the scripts used in the movies from the Exercise Files tab.
- What is Perl?
- What is CGI?
- Installing a Perl script
- Installing a hit counter
- Installing a contact form script
- Installing a blog script
- Security issues