Re: Prolog authentication???



Dear Mauro,

On 2006-06-26, Mauro DiNuzzo <picorna@xxxxxxxxx> wrote:
Errata:
Is someone among developers of Prolog systems thinking to implement an
authentication procedure within the Prolog toplevel (just as SQL based
environments)?
If Prolog has to be used in web applications (and above all, for its
database capabilities) it seems to me that Prolog has to implement some
security tools. According to me they can NOT be lacking...
Besides, one should have the possibility to differentiate user's
permission (e.g. restrict calls to some predicates, or perhaps
allow/deny permissions over streams to bypass the filesystem, etc...).

I doubt this is something that must be part of the language. I do
have code like that running on top of the SWI-Prolog HTTP
infrastructure, so users must login and the system validates access
before providing access to some URLs.

Providing it as part of the language however means we must associate
rights with the current goal and permissions to predicates. This is
all pretty expensive and complicated, while in general you do not want
validation at this detailed level. Think of assert/1. We can
assert/1, denying assert to anything, only deny assert to some
predicate, or even deny asserting certain things to a predicate. How
do we specify `certain things'?

I have been thinking of a mode similar to TeX, PDF, Java applets,
etc.: deny the process (or part of it) the right to access potentially
dangerous things. In practice, that could mean:

* Deny starting external processes
* Deny loading shared objects (DLLs)
* Deny opening files, possibly allowing it only for a
specific directory.

This would be an interesting option for Prolog serving as a
web-server, where it first acquires the resources it needs for the
rest of its tasks and then drops privileges (which cannot be
reversed), so that being able to `steal' Prolog, you can't do much
harm. There is some use in this in protecting against simple attacks
like opening '../../../../../etc/passwd'. Also the damage from
typical programming errors like constructing goals by parsing user
input and calling it can be limited using this technique. I mean,
code like this:

    ...,
    http_parameters(Query,
                    [ action(Action),
                      param(Param)
                    ]),
    call(Action, Param).

This would provide an easy to manage, but limited, protection. Secure
environments are better off running the server in something like the Unix
chroot `jail'.

Cheers --- Jan
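
The call(Action, Param) pattern and the '../../../../../etc/passwd' case from the message above, handled at application level, as an added example that is not part of the original post or of SWI-Prolog itself. It assumes a current SWI-Prolog on a POSIX system; the handler names, the document root and the sample requests are constructed for illustration.

```prolog
:- use_module(library(error)).   % permission_error/3

% Allow-list (hypothetical): request action name -> handler predicate.
allowed_action(greet, handle_greet).
allowed_action(read,  handle_read).

% Assumed directory that request-supplied file names must stay inside.
document_root('/srv/www/data').

% dispatch(+Action, +Param, -Reply)
% Replaces call(Action, Param): the request can only select a handler
% from allowed_action/2, never name an arbitrary predicate.
dispatch(Action, Param, Reply) :-
    atom(Action),
    allowed_action(Action, Handler),
    !,
    call(Handler, Param, Reply).
dispatch(Action, _, _) :-
    permission_error(execute, action, Action).

handle_greet(Name, Reply) :-
    format(atom(Reply), 'Hello, ~w', [Name]).

% Resolve Relative under the document root; refuse names that leave it.
% The check is on the canonical name only; symbolic links are not resolved.
handle_read(Relative, file(Path)) :-
    document_root(Root),
    atomic_list_concat([Root, '/', Relative], Joined),
    absolute_file_name(Joined, Path),       % removes . and .. segments
    atom_concat(Root, '/', Prefix),
    (   sub_atom(Path, 0, _, _, Prefix)
    ->  true
    ;   permission_error(open, source_sink, Relative)
    ).

% Constructed sample requests: two legitimate, two hostile.
demo :-
    forall(member(A-P, [ greet-world,
                         read-'notes/a.txt',
                         read-'../../../../../etc/passwd',
                         shell-id ]),
           (   catch(dispatch(A, P, R), error(E, _), R = refused(E)),
               format("~q(~q) -> ~q~n", [A, P, R])
           )).
```

Load the file and run `demo.` at the toplevel to see which requests are answered and which are refused with a permission error.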




