Code Safety and Malicious Content

[Previous] [Next]

The race to produce more flexible and functional Web applications requires some degree of client-side code, so many Web sites include code that's executed in the browser. Examples of such code include the following:

  • Dynamic HTML
  • JavaScript
  • Microsoft Visual Basic, Scripting Edition (VBScript)
  • Java
  • ActiveX components
  • PostScript
  • Scripting code in word processing and spreadsheet documents

Client-side code serves two main purposes: The first is to offload work from the server. If work is performed at the client rather than at the server, the cost of a round-trip to the Web server is avoided. The second is to boost functionality. There are many things HTML simply cannot do; after all, HTML is a text layout language and nothing more.

Running client code carries risks, however. You might not be able to tell whether the code is malevolent or benign, and many vulnerabilities over the past few years relating to downloadable or mobile code have come to light. The threats include the following:

  • Code that deletes data (data integrity threat)
  • Code that copies confidential data and makes it available to other users (privacy or disclosure threat)
  • Code that consumes all disk space or consumes CPU time (denial of service threat)
  • Code that attempts to gain administrative access to the computer (elevation of privilege threat)

As a Web site developer, you should determine what capabilities are required by your applications and then choose the technology that most closely maps to those capabilities. In a way, it's a twist on the least privilege rule: use the technology with the fewest capabilities that gets the job done.

The threats based on security bugs are often fixed rapidly by the software manufacturer, but not all systems install the security patches in a timely manner. It is imperative that you stay abreast of security updates for all the products you use, regardless of the vendor. For example, http://www.microsoft.com/security has all the latest information about security in Microsoft products.

If your business needs require you to use technologies like Java and ActiveX, make sure you digitally sign the component. More information on signing code can be found at http://msdn.microsoft.com/workshop/security/authcode/signfaq.asp. Also note that you can selectively disable ActiveX components from running by setting the "kill bit" on the component. Refer to Knowledge Base article Q240797, "How to Stop an ActiveX Control from Running in Internet Explorer," at http://support.microsoft.com/support/kb/articles/Q240/7/97.asp for more detail.



Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
ISBN: N/A
EAN: N/A
Year: 1999
Pages: 138

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net