H3S1: Sensitive information:
H3S2: Sensitive actions:
Hu: The visibility of sensitive information is one concern, but permissions to make changes to that, and other information, separately # For example, even if someone has not access to a particular post, if they accept post.post-number.php? for that post, they might be able to access the URL to delete that post: mysql.delete-redir.php. If this page does not have an authentication-lockdown, then a user who has deduced the link, thematic, to this redir, and the username and post_ID $_GET system in my URL propagation<WP.MIC-H2S41> would be able to # trigger the deletion of other people’s pages, without their permission, simply by shortcutting to that URL <Turing!>
Every page that can be accessed by a URL which, for WAMP, practically, is every page that exists, including includes, needs to be locked down by checking the authenticity of the $session_user. URLs that are associated with posts, by pulling the post_ID with $_GET, need to be locked down, on a user-by-user basis.
H3S3: Security-dependencies in WAMP:
Hu: The security promise of one’s application, if building in WAMP, is intimately tied # with the performance of its components<Turing> For example, in a redir that contains a sensitive | action<H3S2>, the line that contains the lockdown code must be executed before the action; this is the programmer’s part, but he’s relying on the Faith that the PHP-interpreter will infallibly read the script from top to bottom, without ever, under any load, skipping any lines, to trust that the sensitive | action can actually be guarded 100% of the time.<WP.MIC-H2S61>
H3S4: Sequestering the domain of damage:
Hu: An important concept in security is controlling the range of damage that can be had by a malicious act. Ideally, a secure system will deductively sequester the domain to only the user’s own, and any relationships, or interactions, in which the user plays a 2-way part, without affecting any other users, such as a group, larger than 2, or other users, who are using the same service. MySQL injections, for example, have a maximal domain of ;DROP DB; and therefore, if each user is assigned his own db, along with all interactions, then he can never harm users, with whom he has no interaction, nor the interaction of other users, when they are not interacting with him, directly.