OK, I'm a bit of a freak about security. I realize that using a system like Rails and trusting that everything works as advertised takes a leap of faith anyway. And allowing users to provide future web output (or any input, for that matter) is inherently insecure.
This is a simple idea; if anyone perusing the web would like to comment on it, please do. I will be implementing this in my current and future projects, especially on my "settings" tables and on anything that has the potential for injection above and beyond normal forms.
Each table in your model will implement a signature field.
For example, the table columns in my rcron idea:
dayofweek, month, dayofmonth, hour, minute,
signature, update_on, created_at, lock_type
1. environment.rb contains a secret key/passphrase (= "1234" in this example; use a long random value in practice). For non-Rails people: this is a config file that is not viewable from the web.
1.1 OR, more strongly, put it in a separate file outside the web root and have ONLY one call to it, from a library. Make that call a class method, so the variable is not global and goes out of scope after it is used; nothing other than that code can then reach the key.
2. All tables have a signature field holding a keyed hash (an HMAC, or a real digital signature) computed over the command fields with that secret key. This is in effect like a digital signature. I work with VeriSign, so it makes sense that I think about this.
3. BEFORE a command is run, its signature is ALWAYS verified. A cracker who gains write access to the table through some future exploit therefore cannot simply replace its contents, because a row whose signature does not check out is refused. The signature has to cover every field that influences what gets executed, plus the row's identity; otherwise an attacker can edit an uncovered field, or move a validly signed row into another row's slot.
4. So, in theory, you can sleep a little easier knowing that IF someone gains access to your DB tables, they can't cause havoc by inserting an 'rm -Rf' into a table whose values are actually read and executed, like a background job table or an rcron table. The key itself must never live in the database, and anyone who can already run code on the application host can read the key and sign whatever they like, so this defends against compromise of the database alone (a SQL injection, leaked DB credentials), not of the whole box.
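The four steps above, worked through as an added Ruby example that is not the post's own code. It assumes an HMAC-SHA256 over the row fields as the "signature" (a keyed hash is the usual way to get an unforgeable check value from a single shared secret), a `command` column and an `id` column that the post's column list does not show, and a key file at the hypothetical path /etc/rcron/signing.key outside the web root, with a constructed fallback passphrase so the example runs offline.

```ruby
require 'openssl'

# Added example, not the post's own code: an HMAC-based "signature" column for
# a table whose rows get read and executed, like the rcron table described above.
# Column names follow the post; 'command' and 'id' are assumed additions.
module RcronSigning
  # Every field that influences what runs must be covered, plus the row id so a
  # validly signed row cannot be copied into another row's slot.
  SIGNED_FIELDS = %w[id dayofweek month dayofmonth hour minute command].freeze

  # Assumption: the passphrase file lives outside the web root. Only the
  # private class method below reads it, so the value never sits in a global.
  KEY_FILE = ENV.fetch('RCRON_KEY_FILE', '/etc/rcron/signing.key')

  # Constructed sample row for the offline example.
  SAMPLE_ROW = {
    'id' => 7, 'dayofweek' => '*', 'month' => '*', 'dayofmonth' => '1',
    'hour' => '3', 'minute' => '0', 'command' => 'rake db:backup'
  }.freeze

  # Returns a copy of the row with the signature column filled in.
  def self.sign(row)
    row.merge('signature' => hmac(canonical(row)))
  end

  # True only if the stored signature matches the current field values.
  # Call this BEFORE the command is executed and refuse the row otherwise.
  def self.verified?(row)
    sig = row['signature']
    return false unless sig.is_a?(String)
    constant_time_equal?(hmac(canonical(row)), sig)
  rescue KeyError
    false # a covered field is missing entirely: treat the row as unsigned
  end

  # Length-prefixed encoding so "ab"+"c" and "a"+"bc" cannot collide.
  def self.canonical(row)
    SIGNED_FIELDS.map { |f| v = row.fetch(f).to_s; "#{v.bytesize}:#{v}" }.join
  end

  def self.hmac(data)
    OpenSSL::HMAC.hexdigest('SHA256', secret, data)
  end

  # The key is read here and discarded when the method returns.
  def self.secret
    return File.read(KEY_FILE).strip if File.exist?(KEY_FILE)
    'demo-passphrase-replace-me' # constructed fallback so the example runs offline
  end
  private_class_method :secret

  # Compare without leaking how many leading bytes matched.
  def self.constant_time_equal?(a, b)
    return false unless a.bytesize == b.bytesize
    diff = 0
    a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
    diff.zero?
  end
end

if $PROGRAM_NAME == __FILE__
  signed = RcronSigning.sign(RcronSigning::SAMPLE_ROW)
  puts "valid row verifies:      #{RcronSigning.verified?(signed)}"
  forged = signed.merge('command' => 'rm -Rf /')
  puts "tampered command passes: #{RcronSigning.verified?(forged)}"
end
```

Two design points worth noting: the row `id` is inside the signed data, so a legitimately signed row cannot be duplicated under another job's slot, and the comparison is constant-time, so an attacker who can retry writes cannot learn the correct signature byte by byte from timing. In a Rails model the `sign` call belongs in a `before_save` hook and the `verified?` call in whatever runner reads the table.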
