Update
0 views
Skip to first unread message
Jonathan Leto
May 1, 2010, 12:35:09 PM5/1/10
to plpa...@googlegroups.com
Howdy,
I recently merged the branch "security" into PL/Parrot, which allows
PL/Parrot to intercept calls to Filehandle.open, File.open and the
open opcode. It requires a Parrot newer than 2.3.0 (r45961 and above,
specifically) to work properly. The current implementation is just a
start. We just override the function and return 42, so that in the
tests, we can verify that our version of 'open' is called. What we
actually need is a way for the person compiling PL/Parrot to decide
what level of security they want and what should happen if a
"disallowed" function is called. I assume that people will want this
error logged somewhere, instead of core dumping. I heard Selena really
likes core dumps...
Things to do:
1) Allow configuring of what happens when disallowed Parrot
functions/opcodes are called
2) Proper testing of 1)
3) Add tests for intercepting "copy" and "rename"
4) Ability to call elog() from PIR
5) Give a big, loud security warning when someone configures PL/Parrot
with a revision below r45961, describing the security implications. By
default, it should fail to configure, unless some flag is given like
--i_want_my_gibson_hacked or something nefarious-sounding.
6) We need documentation (any would be nice..)
7) I would like to have a website in place before PGCon, anybody want
to help with that?
8) Logo/Mascot images, anyone? I imagine a miniature PostgreSQL
elephant, riding on the wings of a green Parrot.
9) Syntax errors in PIR cause the pg backend to coredump. This is
caused by a bug in Parrot. Let me know if you want to dig your teeth
into this.
I am sure I can think of more, but this is a start.
Duke
--
Jonathan "Duke" Leto
jona...@leto.net
http://leto.net
I recently merged the branch "security" into PL/Parrot, which allows
PL/Parrot to intercept calls to Filehandle.open, File.open and the
open opcode. It requires a Parrot newer than 2.3.0 (r45961 and above,
specifically) to work properly. The current implementation is just a
start. We just override the function and return 42, so that in the
tests, we can verify that our version of 'open' is called. What we
actually need is a way for the person compiling PL/Parrot to decide
what level of security they want and what should happen if a
"disallowed" function is called. I assume that people will want this
error logged somewhere, instead of core dumping. I heard Selena really
likes core dumps...
Things to do:
1) Allow configuring of what happens when disallowed Parrot
functions/opcodes are called
2) Proper testing of 1)
3) Add tests for intercepting "copy" and "rename"
4) Ability to call elog() from PIR
5) Give a big, loud security warning when someone configures PL/Parrot
with a revision below r45961, describing the security implications. By
default, it should fail to configure, unless some flag is given like
--i_want_my_gibson_hacked or something nefarious-sounding.
6) We need documentation (any would be nice..)
7) I would like to have a website in place before PGCon, anybody want
to help with that?
8) Logo/Mascot images, anyone? I imagine a miniature PostgreSQL
elephant, riding on the wings of a green Parrot.
9) Syntax errors in PIR cause the pg backend to coredump. This is
caused by a bug in Parrot. Let me know if you want to dig your teeth
into this.
I am sure I can think of more, but this is a start.
Duke
--
Jonathan "Duke" Leto
jona...@leto.net
http://leto.net
Jonathan Leto
May 1, 2010, 12:59:04 PM5/1/10
to plpa...@googlegroups.com
Howdy,
Somehow, 9) got fixed in Parrot in the last few days. I will try to
add a test for it in Parrot core, so it stays that way.
Duke
Somehow, 9) got fixed in Parrot in the last few days. I will try to
add a test for it in Parrot core, so it stays that way.
Duke
Jonathan Leto
May 1, 2010, 4:11:26 PM5/1/10
to plpa...@googlegroups.com
Howdy,
After more research 9) did not get fixed, it is that it only manifests
for actual syntax errors, not errors where you give the wrong types of
args to an function/opcode or call an unknown opcode.
Duke
After more research 9) did not get fixed, it is that it only manifests
for actual syntax errors, not errors where you give the wrong types of
args to an function/opcode or call an unknown opcode.
Duke
Reply all
Reply to author
Forward
0 new messages