
Restricting Commands

During initialization of the WELD servlet (us.oh.state.common.utility.TemplateProcessor), the "config" parameter is consulted for the location and name of a property file.  This file contains a number of different types of settings, including the registration of new commands and restriction of standard commands.

Because the intention of WELD is to eliminate the need for the web page designer to do any programming, it may be advisable to restrict certain standard JACL commands to prevent the web page designer from getting too "creative". This may be necessary to protect your system. To restrict commands, edit the WELD servlet property file and add one line per command, like these:

# Restrict standard commands
restrict.open=no
restrict.exit=yes

If the setting is "yes", then the command is restricted and cannot be executed from WELD files; any other value, or no line at all, leaves the command available. The standard JACL "exit" command has been restricted because exiting the interpreter would take the servlet container down with it.

What to restrict

Since WELD runs as the web server, it has the same permissions as the web server's own account. Consequently, a command like "open" would allow a creative developer to read and write the web server's configuration files. This is probably not a good idea, but security measures vary with the environment and personnel.

Another security-sensitive command is "file".  This command gives the ability to create, rename, move, and delete any files which the web server administrator can.

There are also commands which should be restricted for performance reasons.  The "for", "while", and "vwait" commands can cause the interpreter to go into a tight loop if they are misused.

There is no practical need for web page designers to have access to these commands, but they are handy for prototyping.
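The following is an added example, not part of WELD or its documentation: a small audit script that reads a WELD servlet property file and reports which of the commands named above (open, file, exit, for, while, vwait) are still unrestricted. It assumes the property file uses java.util.Properties syntax (key=value or key:value, '#' comments), and the two embedded configurations are constructed samples, not files shipped with WELD.

```python
"""Audit a WELD servlet property file for unrestricted sensitive JACL commands.

Added example, not WELD code. Assumes java.util.Properties-style syntax:
one "key=value" (or "key:value") per line, '#' or '!' starts a comment.
"""
import re

# Commands the WELD documentation singles out. The first group is
# security-sensitive because WELD runs with the web server's privileges;
# the second group is a performance risk (tight loops in the interpreter).
SECURITY_SENSITIVE = ("open", "file", "exit")
PERFORMANCE_SENSITIVE = ("for", "while", "vwait")

# Matches "restrict.<command> = <value>" with either '=' or ':' as separator.
_RESTRICT_LINE = re.compile(
    r"^\s*restrict\.(?P<cmd>[^=:\s]+)\s*[=:]\s*(?P<val>.*?)\s*$"
)


def parse_restrictions(text):
    """Return {command: True if restricted} for every restrict.* line.

    Only the literal value "yes" (case-insensitive) counts as restricted,
    matching the documented rule; anything else leaves the command enabled.
    """
    restricted = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue
        m = _RESTRICT_LINE.match(line)
        if m:
            restricted[m.group("cmd")] = m.group("val").lower() == "yes"
    return restricted


def audit(text):
    """Return [(command, reason)] for sensitive commands not restricted.

    A command with no restrict.* line at all is reported too, since the
    default is "not restricted".
    """
    restricted = parse_restrictions(text)
    findings = []
    for cmd in SECURITY_SENSITIVE:
        if not restricted.get(cmd, False):
            findings.append((cmd, "security"))
    for cmd in PERFORMANCE_SENSITIVE:
        if not restricted.get(cmd, False):
            findings.append((cmd, "performance"))
    return findings


# Constructed sample: the fragment from the documentation, which only
# restricts "exit" and explicitly leaves "open" enabled.
WEAK_CONFIG = """\
# Restrict standard commands
restrict.open=no
restrict.exit=yes
"""

# Constructed sample: every command the documentation names is restricted.
HARDENED_CONFIG = """\
# Restrict standard commands
restrict.open=yes
restrict.file=yes
restrict.exit=yes
restrict.for=yes
restrict.while=yes
restrict.vwait=yes
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"{name}: {audit(cfg) or 'no findings'}")
```

Run it against the real property file by passing its contents to audit(); an empty list means every command the documentation names is restricted. Because a missing restrict.* line means "enabled", the script reports absent entries as well as explicit "no" values.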



Modified: Wed Apr 19 16:15:38 EDT 2000