Which fields should be protected from mass assignment?


Question


I'm doing a security audit on a Rails 2.3.8 application and one of the things that has come up is our lack of attr_protected or attr_accessible in my model definitions. I understand the reasoning behind them, and have even written a gem to assist with mass assignment, but I'm looking for attributes that I might potentially be missing.


The problem I have is determining which fields should be protected. Are there any rules that people generally follow for this? I'm thinking attributes like foreign keys and booleans like admin? would make sense to protect. I'm also wondering about fields like STI type, and polymorphic *_type/*_id fields. I see that Rails 3 introduced attributes protected by default, but it doesn't appear that Rails 2.3.8 has this.


Any guidance on this would be greatly appreciated.

Answer


My general rule of thumb is that any attribute you don't want users to modify should be protected.


So in my models, I use attr_accessible for all attributes that are present as fields in forms. All others are protected. (I'd rather have everything protected by default.)


In other words: assume all data sent by clients will be maliciously tampered with.

Related blog post: http://www.kalzumeus.com/2010/09/22/security-lessons-learned-from-the-diaspora-launch/
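To make the whitelist-by-default rule concrete, here is an added example (not from the original question or answer, and not Rails' own implementation): a small stand-in for `attr_accessible` / `attr_protected` applied to a tampered form post. The model and column names (`User`, `LegacyUser`, `admin`, `account_id`, `type`, `credit_limit`) and the request parameters are constructed for illustration. It also shows the failure mode behind "I'd rather have everything protected by default": a blacklist silently lets through any column added after the list was written, while a whitelist rejects it.

```ruby
# Added example: minimal mass-assignment filter in the spirit of
# ActiveRecord's attr_accessible (whitelist) and attr_protected (blacklist).
# Not Rails code; model and column names below are hypothetical.
module MassAssignment
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # Whitelist: only these attributes may be set from request params.
    def attr_accessible(*names)
      @accessible = names.map(&:to_s)
    end

    # Blacklist: these attributes are blocked, everything else is writable.
    def attr_protected(*names)
      @protected = names.map(&:to_s)
    end

    def accessible_attributes
      @accessible
    end

    def protected_attributes
      @protected || []
    end
  end

  # Applies params to the record and returns [allowed, rejected] hashes,
  # so the caller can log rejected keys as a tampering signal.
  def assign_attributes(params)
    allowed = {}
    rejected = {}
    params.each do |key, value|
      k = key.to_s
      permitted =
        if self.class.accessible_attributes         # whitelist mode
          self.class.accessible_attributes.include?(k)
        else                                        # blacklist mode
          !self.class.protected_attributes.include?(k)
        end
      if permitted
        allowed[k] = value
        @attributes[k] = value
      else
        rejected[k] = value
      end
    end
    [allowed, rejected]
  end
end

# Whitelist model: only the fields present in the sign-up form are writable.
class User
  include MassAssignment
  attr_reader :attributes
  attr_accessible :name, :email
  def initialize
    @attributes = {}
  end
end

# Blacklist model: protects the columns known when it was written, nothing else.
class LegacyUser
  include MassAssignment
  attr_reader :attributes
  attr_protected :admin, :account_id, :type
  def initialize
    @attributes = {}
  end
end

# Constructed request: a legitimate form post plus extra keys a client could add.
# "credit_limit" stands for a column added after the blacklist was written.
TAMPERED_PARAMS = {
  "name" => "alice",
  "email" => "alice@example.com",
  "admin" => true,
  "account_id" => 99,
  "type" => "AdminUser",
  "credit_limit" => 1_000_000
}.freeze

def assign_with_whitelist(params = TAMPERED_PARAMS)
  User.new.assign_attributes(params)
end

def assign_with_blacklist(params = TAMPERED_PARAMS)
  LegacyUser.new.assign_attributes(params)
end

if __FILE__ == $PROGRAM_NAME
  allowed, rejected = assign_with_whitelist
  puts "whitelist kept #{allowed.keys.inspect}, rejected #{rejected.keys.inspect}"
  allowed, rejected = assign_with_blacklist
  puts "blacklist kept #{allowed.keys.inspect}, rejected #{rejected.keys.inspect}"
end
```

Run stand-alone, the whitelist model keeps only `name` and `email`, while the blacklist model lets `credit_limit` through because nobody added it to `attr_protected`. The rejected hash is worth logging: a form that never contained an `admin` field but arrives with one is a cheap detection signal.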
