[xslt] Beginning for a security framework for libxslt



  This is something I had in mind for quite a long time, basically
XSLT processing can fetch/read/write files or resources all around
without much control. I also got requests so that new directories could
be created when so specified by exslt:document and the like, and I didn't
want to do it before there was a way to forbid this if needed.

  As a result I added a set of new APIs to be able to define security
preferences dynamically (either global or per transformation), added
a number of checking points where it was looking necessary (note I did look
only quickly and didn't do it for EXSLT extensions, more eyeball checking
and patches gladly welcome), and a couple of options to xsltproc to test
and control this framework:
    --nowrite   refuse to write to any file or resource
    --nomkdir   refuse to create directories

  Basically --nowrite will block exslt:document on-the-fly document
creation, while --nomkdir will limit itself to blocking directory creation.

  The current set of options where the policy can be defined is exported
from <libxslt/security.h>:
    XSLT_SECPREF_READ_FILE
    XSLT_SECPREF_WRITE_FILE
    XSLT_SECPREF_CREATE_DIRECTORY
    XSLT_SECPREF_READ_NETWORK
    XSLT_SECPREF_WRITE_NETWORK

I think they are self-explanatory, more may be needed (I think there are
other options that one may want to disable other than purely for file
accesses), as usual patches welcome. They also might need to be better integrated
with catalogs like the --nonet option, so this is clearly a work in progress.

  The change has been committed in CVS:

http://cvs.gnome.org/bonsai/cvsquery.cgi?module=libxslt&branch=HEAD&branchtype=match&dir=libxslt&file=&filetype=match&who=veillard&whotype=match&sortby=Date&hours=&date=explicit&mindate=10%2F10%2F02+11%3A25&maxdate=10%2F10%2F02+11%3A27&cvsroot=%2Fcvs%2Fgnome

Daniel

-- 
Daniel Veillard      | Red Hat Network https://rhn.redhat.com/
veillard@redhat.com  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
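
The per-transformation policy described in this message, exercised through lxml's Python binding to libxslt, as an added example that is not part of the original post or of libxslt itself. It assumes lxml is installed; `XSLTAccessControl` exposes the five preferences listed above as `read_file`, `write_file`, `create_dir`, `read_network` and `write_network`, and the stylesheet and the helper name `side_file_written` are constructed for illustration.

```python
import os
import tempfile
from lxml import etree  # assumption: lxml (a libxslt binding) is installed

# Constructed stylesheet: writes a side file with exsl:document, the
# construct that --nowrite / XSLT_SECPREF_WRITE_FILE is meant to block.
STYLESHEET = b"""\
<xsl:stylesheet version="1.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:exsl="http://exslt.org/common"
    extension-element-prefixes="exsl">
  <xsl:param name="out"/>
  <xsl:template match="/">
    <exsl:document href="{$out}" method="xml"><side-effect/></exsl:document>
    <result/>
  </xsl:template>
</xsl:stylesheet>
"""


def side_file_written(subpath, **prefs):
    """Run the stylesheet under the given security prefs in a fresh
    temporary directory; return True if the side file was created."""
    acl = etree.XSLTAccessControl(**prefs)  # unspecified prefs stay allowed
    transform = etree.XSLT(etree.XML(STYLESHEET), access_control=acl)
    with tempfile.TemporaryDirectory() as workdir:
        target = os.path.join(workdir, subpath)
        try:
            transform(etree.XML(b"<doc/>"),
                      out=etree.XSLT.strparam(target))
        except etree.XSLTError:
            pass  # a denied operation may surface as a transform error
        return os.path.exists(target)


if __name__ == "__main__":
    # Everything allowed: the stylesheet can drop a file next to its output.
    print("all allowed:     ", side_file_written("out.xml"))
    # Equivalent of --nowrite: exsl:document is refused.
    print("write_file=False:", side_file_written("out.xml", write_file=False))
    # Equivalent of --nomkdir: target directory does not exist yet.
    print("create_dir=False:", side_file_written("new/out.xml", create_dir=False))
```
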


