Talk:Confused deputy problem
This is the talk page for discussing improvements to the Confused deputy problem article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||||||||||||
|
Unnamed section
[edit]Someone needs to solve the Confused Reader Problem for this article. It's written in sufficiently abstract terms that I can't figure out exactly what it's talking about, and I suspect the example may not be the best one possible, either. --Carnildo 02:28, 21 December 2006 (UTC)
Agreed. I rewrote the article; hopefully this will help. CLandau (talk) 20:10, 14 February 2008 (UTC)
- The new version is much better. --Carnildo (talk) 22:42, 14 February 2008 (UTC)
The first paragraph states that the server runs with the client's access privileges, but the third states that the server runs with its own access privileges. Put another way, the first paragraph implies that the server would not be able to open BILL because the client does not have access to BILL. --object01 (talk) 13:19, 10 April 2009 (UTC)
Example - Personal Firewall.
[edit]How can the personal firewall possibly be a confused deputy when it's doing what it should? The browser is doing what it should too and the "attacking" software can't be the confused deputy. The example smells wrong to me, any thoughts? --Streaky (talk) 02:51, 7 May 2012 (UTC)
Simple solution to the example of a compiler server
[edit]Rather than having the server write the file to the filesystem, hand the result of the compilation to the client requesting the compilation; write the information to BILL and don't touch anything else. It is then the responsibility of the client to figure out where to put the result and there is no risk of privilige escalation or reduction -- the server will have access to exactly the things it needs and the client will also only have access to exactly the things it needs (or attempt to do something it's not allowed to do).
The example is trivial to solve (for example, by using any message passing interface), but I suspect the real problem is identifying when there is a potential problem in the first place -- i.e. when can a server be tricked, not how do you avoid it.
- Right, but that also depends on the nature of the ordered service; for example, maybe clients don't want to actively wait on the other end of a message passing interface until their order is complete, what would be like having someone waiting for a postman instead of mounting a mailbox in front of his/her house. :)
- Another solution might be to implement paths checking or some kind of "private" directories, or to simply refuse to overwrite any already existing files, or already existing files not belonging to the exact customer. Let's just remember the sticky bit, which might be the simplest solution when combined with a compiler switching to user's UID.
- To me, this compiler example is here just to illustrate the problem – it's far away from not having a simple and effective solution. — Dsimic (talk | contribs) 01:27, 31 March 2014 (UTC)
Poor example given in confidence trick
[edit]All confidence tricks get the victim to do something that's against their own interests. "Salting" does not rely on the victim having any particular authority; the criminal just wants the victim's money. Jaysbro (talk) 11:28, 12 July 2014 (UTC)
- Yes, the grocery store barcode example is silly too. That's not "confused deputy". It has nothing to do with the authority of the cash register or the computer system. It's just Fraud. Hornpipe2 (talk) 02:46, 9 October 2018 (UTC)
External links modified
[edit]Hello fellow Wikipedians,
I have just modified 2 external links on Confused deputy problem. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:
- Added archive https://web.archive.org/web/20031205034929/http://www.cis.upenn.edu/~KeyKOS/ConfusedDeputy.html to http://www.cis.upenn.edu/~KeyKOS/ConfusedDeputy.html
- Added archive https://web.archive.org/web/20031205034929/http://www.cis.upenn.edu/~KeyKOS/ConfusedDeputy.html to http://www.cis.upenn.edu/~KeyKOS/ConfusedDeputy.html
When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.
This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}}
(last update: 5 June 2024).
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers.—InternetArchiveBot (Report bug) 06:47, 9 December 2017 (UTC)
- Start-Class Computer Security articles
- High-importance Computer Security articles
- Start-Class Computer Security articles of High-importance
- Start-Class Computing articles
- High-importance Computing articles
- All Computing articles
- All Computer Security articles
- Mid-importance Computing articles
- Start-Class software articles
- Mid-importance software articles
- Start-Class software articles of Mid-importance
- All Software articles