[Haskell-beginners] Type checking to prevent data injection attacks?
Mike Meyer
mwm at mired.org
Fri Dec 21 21:49:20 CET 2012
While thinking about my next blog posting, I realized that it was a
technique similar to what Perl does with the concept of "tainted"
strings.
If you're not familiar with it (and I'm probably getting the details
wrong, not having written any perl in decades), a string that comes
from an external source is considered "tainted". String constants in
the program source are not. There's a builtin that can be used to say
that declares a tainted string as not being tainted (presumably, the
programmer has examined it somehow to determine this). Any string
operations that return strings return tainted strings if any of the
strings involved were tainted. Finally, functions that are subject to
data injection attacks don't work on tainted strings.
It seems like the Haskell type system ought to be able to support
this. I can see a couple of approaches that might work (a "tainted"
monad for use on the different string types or an Either-ish datatype)
that might work, but don't have the chops to decide which approach
might be better - or maybe that the answer is that it depends on the
goal.
I did some googling for this, but didn't turn up anything that seemed
promising. Lots of stuff on type checking untrusted values, but no
flagging strings as untrusted. Which leaves the questions...
Is this actually a sane idea?
Is there already a Haskell package that does this? Possibly part of a
web framework?
A package for another language, or a paper discussing doing this?
Thoughts on other approaches than the two I mentioned?
Thoughts on the best way do to do this?
Thanks,
<mike
More information about the Beginners
mailing list