From: David MENTRE <dmentre@linux-france.org>
To: Thomas Fischbacher <Thomas.Fischbacher@Physik.Uni-Muenchen.DE>
Cc: Richard Jones <rich@annexia.org>, caml-list@inria.fr
Subject: Re: [Caml-list] How to secure an OCaml server
Date: Sat, 28 Feb 2004 22:04:19 +0100 [thread overview]
Message-ID: <87y8qmkjak.fsf@linux-france.org> (raw)
In-Reply-To: <Pine.LNX.4.58.0402282112120.7058@seekar.cip.physik.uni-muenchen.de> (Thomas Fischbacher's message of "Sat, 28 Feb 2004 21:24:13 +0100 (CET)")
Thomas Fischbacher <Thomas.Fischbacher@Physik.Uni-Muenchen.DE> writes:
> This is a quite general situation that comes up when you store data on
> your server in a hash in such a way that an external source can control at
> least part of the hash keys.
Ok, thanks for the explanation.
That might be an issue in my program as I'm using a lot of hash tables
(Perl habits ;). I still need to determine if those hash tables are
influenced by external output, in current and next design. Or I might
drop those hash tables in favor of more suitable data structures for
performance and security reason. I've not yet considered performance
issues.
Any way, many thanks Thomas and Richard for your explanations.
And thank you also Yutaka for your initial comments.
Yours,
david
--
David Mentré <dmentre@linux-france.org>
-------------------
To unsubscribe, mail caml-list-request@inria.fr Archives: http://caml.inria.fr
Bug reports: http://caml.inria.fr/bin/caml-bugs FAQ: http://caml.inria.fr/FAQ/
Beginner's list: http://groups.yahoo.com/group/ocaml_beginners
next prev parent reply other threads:[~2004-02-28 21:04 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-02-28 15:10 David MENTRE
2004-02-28 16:37 ` David MENTRE
2004-02-28 16:44 ` Yutaka OIWA
2004-02-28 16:54 ` Richard Jones
2004-02-28 17:06 ` Thomas Fischbacher
2004-02-28 19:29 ` Richard Jones
2004-02-28 19:41 ` David MENTRE
2004-02-28 20:20 ` Richard Jones
2004-02-28 20:28 ` Thomas Fischbacher
2004-02-28 20:29 ` Richard Jones
2004-02-28 20:38 ` Thomas Fischbacher
2004-02-28 20:24 ` Thomas Fischbacher
2004-02-28 21:04 ` David MENTRE [this message]
2004-02-28 23:16 ` Yamagata Yoriyuki
2004-02-28 23:49 ` Thomas Fischbacher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y8qmkjak.fsf@linux-france.org \
--to=dmentre@linux-france.org \
--cc=Thomas.Fischbacher@Physik.Uni-Muenchen.DE \
--cc=caml-list@inria.fr \
--cc=rich@annexia.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).