SlideShare ist ein Scribd-Unternehmen logo

How Plone's Security Works

Matthew Wilkes
Matthew Wilkes
Technologie
1 von 19
Downloaden Sie, um offline zu lesen
How Plone’s security works Matthew Wilkes 2011-11-04
Matthew Wilkes • Zope / Plone core developer. • Performance and Security work at the Code Distillery. • Security teams for both Zope and Plone 2011-11-04
AccessControl 2011-11-04
Aww… here goes! 2011-11-04
Object Publishing ZServer gets • request Mostly handled by publish() in ZPublisher.publish. Transaction start • Traverses to the object (or method, or Traversal adapter, etc), potentially instantiating new Get security methods. definitions Convert the permissions • to roles Checks roles required against the roles available to the user in context. Find roles in context • Aborts or commits, as required. mapply Error handling 2011-11-04
AccessControl • C and Python implementations of security. • ImplPython is much more verbose, and supports VerboseSecurity, great for debugging. • Documentation pretty poor. • Open by default. • If you don’t think about it explicitly, you will have problems. 2011-11-04
ClassSecurityInfo • The most important class for doing security in Plone. • All your classes should have one of these declarations. • Provides declarePublic, declareProtected, declarePrivate • Sets the information onto the class itself in __roles__ • Confused by subclasses and monkey patches 2011-11-04
plone.app.protect 2011-11-04
CSRF Overview • Making people do things they don’t want to without them noticing • Example: visit evilsite.com and end up changing your password on myintranet.com • Number 5 on the OWASP top 10 for 2010 2011-11-04
POSTonly not enough • But do it anyway. • Possible to fake POST request using javascript (but not read the response) • Better, but not best, for that we need a token 2011-11-04
User specificity + gotchas • Don't share CSRF tokens between users. • Especially, don’t publish your secret (e.g. in github), or evilsite.example will start generating your tokens. • Causes problems when scaling/restarting (users filling in forms can suddenly be told they're invalid). • Don’t generate a token unless you have to. 2011-11-04
SQL^W Python injection • We're (mostly!) safe from SQL injection • It's not the only kind of injection. • We’ve had two pickle injection vulnerabilities. • Never trust user input (this includes URLs!) 2011-11-04
You're doing it wrong 2011-11-04
Mistakes • Relying on magic to ensure class security is set up (call InitializeClass explicitly!) • Enabling features in external packages by accident (zope.traversing) • XSS via tal:content="structure whatever" 2011-11-04
Yet more mistakes • Accidentally making methods publishable (missing underscore, or a docstring) • Thinking not publishable is an excuse for no security • Attributes added at runtime are usually publishable • Incorrect security declarations (typos, monkey patches) 2011-11-04
How we hotfix 2011-11-04
How Plone hotfixes • A problem is reported • When possible, we give advance warning of the patch date • We work on the patch in a shared (secret) repository 2011-11-04
Structure • Applied in __init__ • Provide a log message to say it's applied (check for this!) • Mostly don't break things if you install them on the wrong versions. Mostly. • Release as an old-style product, to make it easier. • Try and provide eggs. 2011-11-04
The Code Distillery Bristol Questions? Or contact us on: alan@thedistillery.eu matt@thedistillery.eu 2011-11-04

Empfohlen

High quality iOS development
High quality iOS developmentHigh quality iOS development
High quality iOS developmentRobin Lu
 
Collins whats buggingyou-aleph
Collins whats buggingyou-alephCollins whats buggingyou-aleph
Collins whats buggingyou-alephENUG
 
Azphp phpunit-jenkins
Azphp phpunit-jenkinsAzphp phpunit-jenkins
Azphp phpunit-jenkinsEric Cope
 
PyCon US 2012 - State of WSGI 2
PyCon US 2012 - State of WSGI 2PyCon US 2012 - State of WSGI 2
PyCon US 2012 - State of WSGI 2Graham Dumpleton
 
IPv6 Security
IPv6 SecurityIPv6 Security
IPv6 SecuritySkeeve Stevens
 
Continuous Deployment at Disqus (Pylons Minicon)
Continuous Deployment at Disqus (Pylons Minicon)Continuous Deployment at Disqus (Pylons Minicon)
Continuous Deployment at Disqus (Pylons Minicon)zeeg
 
The jar of joy
The jar of joyThe jar of joy
The jar of joySensePost
 
Symony2 A Next Generation PHP Framework
Symony2 A Next Generation PHP FrameworkSymony2 A Next Generation PHP Framework
Symony2 A Next Generation PHP FrameworkRyan Weaver
 

Empfohlen

High quality iOS development
High quality iOS developmentHigh quality iOS development
High quality iOS developmentRobin Lu
 
Collins whats buggingyou-aleph
Collins whats buggingyou-alephCollins whats buggingyou-aleph
Collins whats buggingyou-alephENUG
 
Azphp phpunit-jenkins
Azphp phpunit-jenkinsAzphp phpunit-jenkins
Azphp phpunit-jenkinsEric Cope
 
PyCon US 2012 - State of WSGI 2
PyCon US 2012 - State of WSGI 2PyCon US 2012 - State of WSGI 2
PyCon US 2012 - State of WSGI 2Graham Dumpleton
 
IPv6 Security
IPv6 SecurityIPv6 Security
IPv6 SecuritySkeeve Stevens
 
Continuous Deployment at Disqus (Pylons Minicon)
Continuous Deployment at Disqus (Pylons Minicon)Continuous Deployment at Disqus (Pylons Minicon)
Continuous Deployment at Disqus (Pylons Minicon)zeeg
 
The jar of joy
The jar of joyThe jar of joy
The jar of joySensePost
 
Symony2 A Next Generation PHP Framework
Symony2 A Next Generation PHP FrameworkSymony2 A Next Generation PHP Framework
Symony2 A Next Generation PHP FrameworkRyan Weaver
 
Prometheus Celery Exporter
Prometheus Celery ExporterPrometheus Celery Exporter
Prometheus Celery ExporterFabio Todaro
 
Stardog talk-dc-march-17
Stardog talk-dc-march-17Stardog talk-dc-march-17
Stardog talk-dc-march-17Clark & Parsia LLC
 
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011Michael McIntosh
 
Esp2solr eurocon-2011-presentation-111021215049-phpapp02
Esp2solr eurocon-2011-presentation-111021215049-phpapp02Esp2solr eurocon-2011-presentation-111021215049-phpapp02
Esp2solr eurocon-2011-presentation-111021215049-phpapp02TNR Global
 
Reading Group Presentation: Web Attacks on Host-Proof Encrypted Storage
Reading Group Presentation: Web Attacks on Host-Proof Encrypted StorageReading Group Presentation: Web Attacks on Host-Proof Encrypted Storage
Reading Group Presentation: Web Attacks on Host-Proof Encrypted StorageMichael Rushanan
 
20110903 candycane
20110903 candycane20110903 candycane
20110903 candycaneYusuke Ando
 
UCLUG TorqueBox - 03/08/2011
UCLUG TorqueBox - 03/08/2011UCLUG TorqueBox - 03/08/2011
UCLUG TorqueBox - 03/08/2011tobiascrawley
 
Alfresco tech talk live on solr august 2012
Alfresco tech talk live on solr august 2012Alfresco tech talk live on solr august 2012
Alfresco tech talk live on solr august 2012Alfresco Software
 
JS for multidisciplinary teams
JS for multidisciplinary teamsJS for multidisciplinary teams
JS for multidisciplinary teamsFrancisco Ferreira
 
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan Gallimore
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan GallimoreJava EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan Gallimore
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan GallimoreJAX London
 
Persistence
PersistencePersistence
PersistenceAnish Thomas Alex
 
2011 JavaOne Fun with EJB 3.1 and OpenEJB
2011 JavaOne Fun with EJB 3.1 and OpenEJB2011 JavaOne Fun with EJB 3.1 and OpenEJB
2011 JavaOne Fun with EJB 3.1 and OpenEJBDavid Blevins
 
Intro to the sel4 Microkernel
Intro to the sel4 MicrokernelIntro to the sel4 Microkernel
Intro to the sel4 MicrokernelMatthew Russell
 
ApacheCon Europe 2012 -Big Search 4 Big Data
ApacheCon Europe 2012 -Big Search 4 Big DataApacheCon Europe 2012 -Big Search 4 Big Data
ApacheCon Europe 2012 -Big Search 4 Big DataOpenSource Connections
 
Understanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksUnderstanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksJignesh Shah
 
MongoDB at Sailthru: Scaling and Schema Design
MongoDB at Sailthru: Scaling and Schema DesignMongoDB at Sailthru: Scaling and Schema Design
MongoDB at Sailthru: Scaling and Schema DesignDATAVERSITY
 
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...Hackito Ergo Sum
 
eZ Publish nextgen
eZ Publish nextgeneZ Publish nextgen
eZ Publish nextgenJérôme Vieilledent
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploitTiago Henriques
 
2010 za con_ian_de_villiers
2010 za con_ian_de_villiers2010 za con_ian_de_villiers
2010 za con_ian_de_villiersJohan Klerk
 
"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recovery"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recoveryMatthew Wilkes
 
Privacy best practice and Plone
Privacy best practice and PlonePrivacy best practice and Plone
Privacy best practice and PloneMatthew Wilkes
 

Weitere ähnliche Inhalte

Ähnlich wie How Plone's Security Works

Prometheus Celery Exporter
Prometheus Celery ExporterPrometheus Celery Exporter
Prometheus Celery ExporterFabio Todaro
 
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011Michael McIntosh
 
Esp2solr eurocon-2011-presentation-111021215049-phpapp02
Esp2solr eurocon-2011-presentation-111021215049-phpapp02Esp2solr eurocon-2011-presentation-111021215049-phpapp02
Esp2solr eurocon-2011-presentation-111021215049-phpapp02TNR Global
 
Reading Group Presentation: Web Attacks on Host-Proof Encrypted Storage
Reading Group Presentation: Web Attacks on Host-Proof Encrypted StorageReading Group Presentation: Web Attacks on Host-Proof Encrypted Storage
Reading Group Presentation: Web Attacks on Host-Proof Encrypted StorageMichael Rushanan
 
20110903 candycane
20110903 candycane20110903 candycane
20110903 candycaneYusuke Ando
 
UCLUG TorqueBox - 03/08/2011
UCLUG TorqueBox - 03/08/2011UCLUG TorqueBox - 03/08/2011
UCLUG TorqueBox - 03/08/2011tobiascrawley
 
Alfresco tech talk live on solr august 2012
Alfresco tech talk live on solr august 2012Alfresco tech talk live on solr august 2012
Alfresco tech talk live on solr august 2012Alfresco Software
 
JS for multidisciplinary teams
JS for multidisciplinary teamsJS for multidisciplinary teams
JS for multidisciplinary teamsFrancisco Ferreira
 
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan Gallimore
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan GallimoreJava EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan Gallimore
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan GallimoreJAX London
 
2011 JavaOne Fun with EJB 3.1 and OpenEJB
2011 JavaOne Fun with EJB 3.1 and OpenEJB2011 JavaOne Fun with EJB 3.1 and OpenEJB
2011 JavaOne Fun with EJB 3.1 and OpenEJBDavid Blevins
 
Intro to the sel4 Microkernel
Intro to the sel4 MicrokernelIntro to the sel4 Microkernel
Intro to the sel4 MicrokernelMatthew Russell
 
ApacheCon Europe 2012 -Big Search 4 Big Data
ApacheCon Europe 2012 -Big Search 4 Big DataApacheCon Europe 2012 -Big Search 4 Big Data
ApacheCon Europe 2012 -Big Search 4 Big DataOpenSource Connections
 
Understanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksUnderstanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksJignesh Shah
 
MongoDB at Sailthru: Scaling and Schema Design
MongoDB at Sailthru: Scaling and Schema DesignMongoDB at Sailthru: Scaling and Schema Design
MongoDB at Sailthru: Scaling and Schema DesignDATAVERSITY
 
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...Hackito Ergo Sum
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploitTiago Henriques
 
2010 za con_ian_de_villiers
2010 za con_ian_de_villiers2010 za con_ian_de_villiers
2010 za con_ian_de_villiersJohan Klerk
 

Ähnlich wie How Plone's Security Works (20)

Prometheus Celery Exporter
Prometheus Celery ExporterPrometheus Celery Exporter
Prometheus Celery Exporter
 
Stardog talk-dc-march-17
Stardog talk-dc-march-17Stardog talk-dc-march-17
Stardog talk-dc-march-17
 
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011
Migration from FAST ESP to Lucene Solr - Apache Lucene Eurocon Barcelona 2011
 
Esp2solr eurocon-2011-presentation-111021215049-phpapp02
Esp2solr eurocon-2011-presentation-111021215049-phpapp02Esp2solr eurocon-2011-presentation-111021215049-phpapp02
Esp2solr eurocon-2011-presentation-111021215049-phpapp02
 
Reading Group Presentation: Web Attacks on Host-Proof Encrypted Storage
Reading Group Presentation: Web Attacks on Host-Proof Encrypted StorageReading Group Presentation: Web Attacks on Host-Proof Encrypted Storage
Reading Group Presentation: Web Attacks on Host-Proof Encrypted Storage
 
20110903 candycane
20110903 candycane20110903 candycane
20110903 candycane
 
UCLUG TorqueBox - 03/08/2011
UCLUG TorqueBox - 03/08/2011UCLUG TorqueBox - 03/08/2011
UCLUG TorqueBox - 03/08/2011
 
Alfresco tech talk live on solr august 2012
Alfresco tech talk live on solr august 2012Alfresco tech talk live on solr august 2012
Alfresco tech talk live on solr august 2012
 
JS for multidisciplinary teams
JS for multidisciplinary teamsJS for multidisciplinary teams
JS for multidisciplinary teams
 
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan Gallimore
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan GallimoreJava EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan Gallimore
Java EE | Apache TomEE - Java EE Web Profile on Tomcat | Jonathan Gallimore
 
Persistence
PersistencePersistence
Persistence
 
2011 JavaOne Fun with EJB 3.1 and OpenEJB
2011 JavaOne Fun with EJB 3.1 and OpenEJB2011 JavaOne Fun with EJB 3.1 and OpenEJB
2011 JavaOne Fun with EJB 3.1 and OpenEJB
 
Intro to the sel4 Microkernel
Intro to the sel4 MicrokernelIntro to the sel4 Microkernel
Intro to the sel4 Microkernel
 
ApacheCon Europe 2012 -Big Search 4 Big Data
ApacheCon Europe 2012 -Big Search 4 Big DataApacheCon Europe 2012 -Big Search 4 Big Data
ApacheCon Europe 2012 -Big Search 4 Big Data
 
Understanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksUnderstanding PostgreSQL LW Locks
Understanding PostgreSQL LW Locks
 
MongoDB at Sailthru: Scaling and Schema Design
MongoDB at Sailthru: Scaling and Schema DesignMongoDB at Sailthru: Scaling and Schema Design
MongoDB at Sailthru: Scaling and Schema Design
 
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
 
eZ Publish nextgen
eZ Publish nextgeneZ Publish nextgen
eZ Publish nextgen
 
Vulnerability, exploit to metasploit
Vulnerability, exploit to metasploitVulnerability, exploit to metasploit
Vulnerability, exploit to metasploit
 
2010 za con_ian_de_villiers
2010 za con_ian_de_villiers2010 za con_ian_de_villiers
2010 za con_ian_de_villiers
 

Mehr von Matthew Wilkes

"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recovery"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recoveryMatthew Wilkes
 
Privacy best practice and Plone
Privacy best practice and PlonePrivacy best practice and Plone
Privacy best practice and PloneMatthew Wilkes
 
Open Source Security – A vendor's perspective
Open Source Security – A vendor's perspectiveOpen Source Security – A vendor's perspective
Open Source Security – A vendor's perspectiveMatthew Wilkes
 
Progressive Enhancement using WSGI
Progressive Enhancement using WSGIProgressive Enhancement using WSGI
Progressive Enhancement using WSGIMatthew Wilkes
 
Performance for Product Developers
Performance for Product DevelopersPerformance for Product Developers
Performance for Product DevelopersMatthew Wilkes
 
High performance sites made easy
High performance sites made easyHigh performance sites made easy
High performance sites made easyMatthew Wilkes
 

Mehr von Matthew Wilkes (6)

"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recovery"We fixed it ourselves" - ZODB corruption recovery
"We fixed it ourselves" - ZODB corruption recovery
 
Privacy best practice and Plone
Privacy best practice and PlonePrivacy best practice and Plone
Privacy best practice and Plone
 
Open Source Security – A vendor's perspective
Open Source Security – A vendor's perspectiveOpen Source Security – A vendor's perspective
Open Source Security – A vendor's perspective
 
Progressive Enhancement using WSGI
Progressive Enhancement using WSGIProgressive Enhancement using WSGI
Progressive Enhancement using WSGI
 
Performance for Product Developers
Performance for Product DevelopersPerformance for Product Developers
Performance for Product Developers
 
High performance sites made easy
High performance sites made easyHigh performance sites made easy
High performance sites made easy
 

Kürzlich hochgeladen

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 

Kürzlich hochgeladen (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 

How Plone's Security Works

  • 1. How Plone’s security works Matthew Wilkes 2011-11-04
  • 2. Matthew Wilkes • Zope / Plone core developer. • Performance and Security work at the Code Distillery. • Security teams for both Zope and Plone 2011-11-04
  • 5. Object Publishing ZServer gets • request Mostly handled by publish() in ZPublisher.publish. Transaction start • Traverses to the object (or method, or Traversal adapter, etc), potentially instantiating new Get security methods. definitions Convert the permissions • to roles Checks roles required against the roles available to the user in context. Find roles in context • Aborts or commits, as required. mapply Error handling 2011-11-04
  • 6. AccessControl • C and Python implementations of security. • ImplPython is much more verbose, and supports VerboseSecurity, great for debugging. • Documentation pretty poor. • Open by default. • If you don’t think about it explicitly, you will have problems. 2011-11-04
  • 7. ClassSecurityInfo • The most important class for doing security in Plone. • All your classes should have one of these declarations. • Provides declarePublic, declareProtected, declarePrivate • Sets the information onto the class itself in __roles__ • Confused by subclasses and monkey patches 2011-11-04
  • 9. CSRF Overview • Making people do things they don’t want to without them noticing • Example: visit evilsite.com and end up changing your password on myintranet.com • Number 5 on the OWASP top 10 for 2010 2011-11-04
  • 10. POSTonly not enough • But do it anyway. • Possible to fake POST request using javascript (but not read the response) • Better, but not best, for that we need a token 2011-11-04
  • 11. User specificity + gotchas • Don't share CSRF tokens between users. • Especially, don’t publish your secret (e.g. in github), or evilsite.example will start generating your tokens. • Causes problems when scaling/restarting (users filling in forms can suddenly be told they're invalid). • Don’t generate a token unless you have to. 2011-11-04
  • 12. SQL^W Python injection • We're (mostly!) safe from SQL injection • It's not the only kind of injection. • We’ve had two pickle injection vulnerabilities. • Never trust user input (this includes URLs!) 2011-11-04
  • 13. You're doing it wrong 2011-11-04
  • 14. Mistakes • Relying on magic to ensure class security is set up (call InitializeClass explicitly!) • Enabling features in external packages by accident (zope.traversing) • XSS via tal:content="structure whatever" 2011-11-04
  • 15. Yet more mistakes • Accidentally making methods publishable (missing underscore, or a docstring) • Thinking not publishable is an excuse for no security • Attributes added at runtime are usually publishable • Incorrect security declarations (typos, monkey patches) 2011-11-04
  • 17. How Plone hotfixes • A problem is reported • When possible, we give advance warning of the patch date • We work on the patch in a shared (secret) repository 2011-11-04
  • 18. Structure • Applied in __init__ • Provide a log message to say it's applied (check for this!) • Mostly don't break things if you install them on the wrong versions. Mostly. • Release as an old-style product, to make it easier. • Try and provide eggs. 2011-11-04
  • 19. The Code Distillery Bristol Questions? Or contact us on: alan@thedistillery.eu matt@thedistillery.eu 2011-11-04