Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
varnish-cache
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Commits
Open sidebar
varnishcache
varnish-cache
Commits
82f2f25d
Commit
82f2f25d
authored
Aug 10, 2022
by
Poul-Henning Kamp
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
About trusting backends a bit less
parent
b92430cc
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
46 additions
and
1 deletion
+46
-1
barriers.rst
doc/sphinx/phk/barriers.rst
+3
-1
index.rst
doc/sphinx/phk/index.rst
+1
-0
routine.rst
doc/sphinx/phk/routine.rst
+42
-0
No files found.
doc/sphinx/phk/barriers.rst
View file @
82f2f25d
...
...
@@ -14,7 +14,9 @@ if you find yourself thinking "Why did he do _that_ ? the answer has to
do with security.
The Varnish security model is based on some very crude but easy to understand
barriers between the various components::
barriers between the various components:
.. code-block:: text
.-->- provides ->---------------------------------------.
| | |
...
...
doc/sphinx/phk/index.rst
View file @
82f2f25d
...
...
@@ -13,6 +13,7 @@ You may or may not want to know what Poul-Henning thinks.
.. toctree::
:maxdepth: 1
routine.rst
503aroundtheworld.rst
legacy.rst
ip_address.rst
...
...
doc/sphinx/phk/routine.rst
0 → 100644
View file @
82f2f25d
..
Copyright (c) 2022 Varnish Software AS
SPDX-License-Identifier: BSD-2-Clause
See LICENSE file for full text of license
.. _phk_routine:
========================
Getting into the routine
========================
Yesterday we released `VSV00009 </security/VSV00009.html>`_, a pretty
harmless DoS from the backend side, which could trivially be mitigated
in VCL.
By now handling security issues seem to have become routine for the
project, which is good, because that is the world we live in, and
bad, because we live in a world where that is a necessary skill.
From the very start of the project, we have treated backends
as "trusted", in the sense that a lot of nasty stuff we try to handle
from clients got "dont do that then" treatment from the backend.
That was back when "cloud" were called "mainframes" and "containers"
were called "jails", way back when CDNs were only for companies
with more money than skill.
Part of the reasoning was also maximizing compatibility.
Backends were a lot more - let us call it "heterogenous" - back
then. Some of them were literally kludges nailed to the side of
legacy newspaper production systems, and sometimes it was obvious
that they had not heard about RFCs.
For the problem we fixed yesterday, one line of VCL took care of
the problem, but that is not guaranteed to always be the case.
These days the "web" is a lot more regimented, and expecting
standards-compliance from backends makes sense, so we will
tighten the screws in that department as an ongoing activity.
Poul-Henning, 2022-08-05
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment