CGI programs are powerful, but precisely because of this, if you, as a CGI developer or system administrator, are careless in writing and setting up CGI programs, your system will be riddled with holes. This article discusses the security issues of CGI.
3. Security of CGI
A CGI program is powerful. It can do everything an ordinary program can do, and it can also publish its results on the web. But precisely because CGI programs are so powerful, if you, as a CGI developer or system administrator, are careless in writing and setting up CGI programs, your system will be riddled with holes that illegal users can take advantage of.
The security problems discussed here are not caused by the CGI specification itself, but by improper programming and system settings. The CGI specification lets users make use of the computing power of the server, and it is improper computation on the server that leads to security vulnerabilities. Below is a CGI security vulnerability on UNIX systems. This vulnerability is very common.
#!/usr/local/bin/perl
# formmail.cgi
require "cgi.pl";
# Launch e-mail application "/bin/mail" with Subject: header from the "formname" field
# (the unfiltered field is pasted into the command string; this is the vulnerable line)
open (MAIL, "|/bin/mail -s '".$input{"formname"}."' webweave");
# Send the "formcontents" field as the body of the message
print MAIL $input{"formcontents"};
close(MAIL);
exit(0);
In this example, the CGI program passes the form information to /bin/mail, which sends it to the webweave address. In most cases this CGI program completes its task normally, but it does not filter the information the user enters in the web form, and the "formname" value is pasted directly into a command line that open() hands to the shell. This leaves a security risk: when a careless or malicious user enters unexpected data, it may cause system errors or let that user gain permissions they should not have.
For example, the user fills in the following content in the "formname" field of the web form:
"ls /etc/passwd '[email protected] #'
The content of /etc/passwd will be displayed in the user's web browser. If this UNIX system does not use a shadow password file, the user can take this content and try to crack the passwords with a password cracker such as Crack Jack or John!
As mentioned earlier, CGI security is the responsibility of both programmers and system administrators. Here is what each of them should pay attention to:
System administrator's job:
1. Cooperate with programmers to share information about server security, review each other's code, and discover security issues in the code in a timely manner.
2. Use good server software and visit the server software's web site often to learn the latest information.
3. Restrict access to the server to specific network hosts, use the server's security management functions, set up routing access control, and so on.
4. Restrict CGI functions: limit some advanced services to trusted users, restrict CGI programs that are still being tested to developers, and provide only tested CGI programs to users.
5. When using other people's CGI programs, check the code carefully.
6. Confine CGI programs to a protected environment, run the server under a non-privileged user, and set up a dedicated account or group for running CGI programs.
7. Set up the server running the CGI program outside the firewall. This point is essential: if the server is set up inside the firewall, then once illegal users find a security vulnerability on the CGI server, they can control all hosts within the firewall!
8. Lower the running priority of CGI programs to prevent users from maliciously running a large number of CGI programs and overloading the server.
9. Subscribe to mailing lists about network security and participate in network security newsgroups.
CGI programmer's job:
1. Cooperate with the system administrator to understand the security information of the system, and review each other's code.
2. Use reliable library programs and check the source code of the libraries.
3. Obtain the client name from REMOTE_HOST and limit some advanced functions to trusted clients.
4. If the web server provides HTTP password authentication, use HTTP passwords to restrict access.
5. Filter user input and remove illegal input data.
6. Limit the size of input data to prevent malicious users from overloading the server by submitting large amounts of data.
7. Avoid passing user data to other applications, so that users cannot invoke the command interpreter or exploit security vulnerabilities in those applications.
8. When you discover a vulnerability in a CGI program, do not tell anyone, let alone leave comments about it in the program. What you should do is patch the vulnerability immediately.
9. Learn to think like an attacker and look for the security vulnerabilities in your CGI programs.
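Items 5 to 7 of the programmer's list applied to formmail.cgi, as an added example that is not the article's code: the subject is checked against an allow list, both fields are size-limited, and the mailer is started without a shell. It swaps /bin/mail for sendmail started with Perl's list-form pipe open; the sendmail path, the size limits, the sample inputs and the names clean_subject, send_form and handle_form are assumptions.

```perl
#!/usr/local/bin/perl
# Added example (not the article's code): a hardened take on formmail.cgi.
use strict; use warnings;

my ($MAX_SUBJECT, $MAX_BODY) = (80, 8192);   # assumed size limits
my $SENDMAIL = '/usr/sbin/sendmail';         # assumed path

# Allow-list filter: returns the subject if acceptable, undef otherwise.
# Quotes, ; | ` $ and CR/LF never match, so the value cannot alter a command
# line or add mail headers. \z (not $) also rejects a trailing newline.
sub clean_subject {
    my ($raw) = @_;
    return undef if !defined $raw || length($raw) > $MAX_SUBJECT;
    return $raw =~ /\A([A-Za-z0-9 .,_-]+)\z/ ? $1 : undef;
}

# List-form pipe open: perl execs sendmail directly, so no shell parses
# anything. User data travels only on stdin. -t reads recipients from the
# headers, -oi stops a lone "." line from ending the message early.
sub send_form {
    my ($subject, $body) = @_;
    open(my $mail, '|-', $SENDMAIL, '-t', '-oi') or return 0;
    print {$mail} "To: webweave\nSubject: $subject\n\n$body\n";
    return close($mail) ? 1 : 0;
}

# Validate, then hand over to $mailer (send_form unless a test passes a fake).
sub handle_form {
    my ($in, $mailer) = @_;
    my $subject = clean_subject($in->{formname});
    my $body    = $in->{formcontents};
    return 'rejected: bad formname' if !defined $subject;
    return 'rejected: bad formcontents'
        if !defined $body || length($body) > $MAX_BODY;
    return ($mailer || \&send_form)->($subject, $body) ? 'sent' : 'mail failed';
}

# Constructed sample inputs standing in for %input; the fake mailer keeps
# this demonstration from sending real mail.
my @samples = (
    { formname => 'Feedback form', formcontents => 'Nice site.' },
    { formname => "a'; b #",       formcontents => 'body' },
    { formname => "two\nlines",    formcontents => 'body' },
    { formname => 'Order',         formcontents => 'A' x 9000 },
);
for my $in (@samples) {
    (my $shown = $in->{formname}) =~ s/\n/\\n/g;
    printf "%-16s => %s\n", $shown, handle_form($in, sub { 1 });
}
```

Only the first sample is accepted; the other three are rejected before any mailer is started.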