Monkey Patch as hardening procedure
Some times our php code acts as framework to serve small applications like a CMS or an administrative appliance launches mini applications to do maintain tasks.
"myPlugin" file acting as a unsecure code:
And finally the little security layer:
Posted at BinaryCell
If our application is wide open for developers community nothings guarantee the security and your product image can be get a fast burndown for your customers.
Monkey Patch is a simple solution for this ¿why not? Wikipedia explains the moneky patch so:
A monkey patch is a way to extend or modify the run-time code of dynamic languages without altering the original source code. This process has also been described as "duck punching".[1]
src: http://en.wikipedia.org/wiki/Monkey_patch
And this is a interesting way to hardening your external or plugin scripts:
Using namespaces to capture the basic functions:
# apt-get install build-essential php5-dev and pecl apd (advanced php debugger) [...]
A starter "jailed" (more precisely overdrived) environment of application in your framework:
"myPlugin" file acting as a unsecure code:
And finally the little security layer:
Posted at BinaryCell
Comments
Post a Comment