[cap-talk] solve CSRF by making references unforgeable, not unshareable

David-Sarah Hopwood david.hopwood at industrial-designers.co.uk
Wed Mar 25 12:41:26 EDT 2009


John Carlson wrote:
> zooko wrote:
>> This insight leads us to propose the following aphorism: Solve CSRF
>> attacks by making references unforgeable, not by making them
>> unshareable.
> 
> Wouldn't making SQL queries unforgeable solve the SQL injection problems?

References are made unforgeable by making valid representations of them
either opaque or sparse (unguessable). Representations of SQL queries
cannot be made either opaque or sparse.

SQL injection (and injection attacks in general for any language) can
be solved by ensuring that the structure of the query as parsed is the
structure intended by the programmer. The easiest and simplest way to
do this is for the query API to represent a query as an abstract syntax
tree, not a string.

If you want a pithy aphorism:
Strings are tricky. Don't rely on applications to say what they mean as
a string.

-- 
David-Sarah Hopwood ⚥
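As an added illustration of the point made in the message above (this is example code written for this page, not code from the original post or from the cap-talk list), the following Python compares a string-built query with a query API that represents the query as a small abstract syntax tree and compiles it to SQL with placeholders. The AST types (`Column`, `Literal`, `Eq`, `And`, `Select`), the `users` table and its rows are all constructed for the example; it assumes only the standard `sqlite3` module.

```python
"""Added example: an AST-based query API next to string concatenation.

Written for this page; not from the original post. Assumes Python's
standard sqlite3 module and a constructed in-memory `users` table.
"""
import re
import sqlite3
from dataclasses import dataclass
from typing import Optional, Union

# Identifiers (table and column names) are chosen by the programmer, never
# by the user, so a strict whitelist is the right check for them.
IDENT_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def quote_ident(name: str) -> str:
    """Reject anything that is not a plain identifier, then double-quote it."""
    if not IDENT_RE.match(name):
        raise ValueError(f"invalid identifier: {name!r}")
    return f'"{name}"'


@dataclass(frozen=True)
class Column:
    name: str


@dataclass(frozen=True)
class Literal:
    value: object  # user-controlled data lives here and only here


@dataclass(frozen=True)
class Eq:
    left: Column
    right: Literal


@dataclass(frozen=True)
class And:
    left: "Expr"
    right: "Expr"


Expr = Union[Eq, And]


@dataclass(frozen=True)
class Select:
    columns: tuple          # tuple of Column
    table: str
    where: Optional[Expr] = None


def compile_expr(node: Expr, params: list) -> str:
    """Emit SQL for an expression; every Literal becomes a '?' placeholder."""
    if isinstance(node, Eq):
        params.append(node.right.value)
        return f"({quote_ident(node.left.name)} = ?)"
    if isinstance(node, And):
        left = compile_expr(node.left, params)
        right = compile_expr(node.right, params)
        return f"({left} AND {right})"
    raise TypeError(f"unsupported node: {node!r}")


def compile_select(q: Select):
    """Return (sql, params). The SQL text depends only on the tree's shape."""
    params: list = []
    cols = ", ".join(quote_ident(c.name) for c in q.columns)
    sql = f"SELECT {cols} FROM {quote_ident(q.table)}"
    if q.where is not None:
        sql += " WHERE " + compile_expr(q.where, params)
    return sql, params


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three users in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn


def vulnerable_lookup(conn: sqlite3.Connection, name: str) -> list:
    """The classic bug: the query's parsed structure depends on the input."""
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def safe_lookup(conn: sqlite3.Connection, name: str) -> list:
    """Same lookup, but the structure is fixed by the tree; `name` is data."""
    q = Select(columns=(Column("name"), Column("role")), table="users",
               where=Eq(Column("name"), Literal(name)))
    sql, params = compile_select(q)
    return conn.execute(sql, params).fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "' OR '1'='1"
    print("string-built:", vulnerable_lookup(db, payload))  # all three rows
    print("AST-built:   ", safe_lookup(db, payload))        # no rows
```

Because the compiler only ever emits `?` for a `Literal`, there is no code path by which user input can alter the query text; the check that matters (`quote_ident`) is applied to names the programmer wrote, not to data.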


