[ic] Security problem?

[Kevin Walsh]

> Hmm, it just occured to me that users can apparently update arbitrary
> fields in the userdb by saving any form page and adding input fields
> corresponding to column names in the userdb.  This will set IC values
> and is the userdb is later saved will update any such fields.  I just
> tried it and it seems to work.
> 
> Is there a way of preventhing this or is it just that by design you're
> not supposed to put anything in the userdb that you want to prevent
> people from updating?  I note that the foundation userdb has some
> fields that it would appear the user should not be able to set, i.e.
> "dealer".
> 
> Am I missing something?
> 
The users can mess about and change all the UserDB information they
want to as long as they only have access to the name/address/phone
values.

"Sensitive" information such as dealer status and credit limit etc.,
should be set up so that the values are loaded/saved to/from scratch
variables instead of form/CGI values.  This is done in the default
Foundation setup, so you can look at your catalog.cfg configuration to
see how these UserDB declares sensitive UserDB information to use the
"scratch" space.

There is no security problem as long as you are aware of this when
creating more UserDB columns to meet your requirements.

Try changing the dealer status, using your test form, to try it out.
The change won't be used and it won't be saved.

-- 
   _/   _/  _/_/_/_/  _/    _/  _/_/_/  _/    _/
  _/_/_/   _/_/      _/    _/    _/    _/_/  _/   K e v i n   W a l s h
 _/ _/    _/          _/ _/     _/    _/  _/_/    kevin@cursor.biz
_/   _/  _/_/_/_/      _/    _/_/_/  _/    _/