
[master] 82f2f25d2 About trusting backends a bit less
commit 82f2f25d289c4737adc72f0d34846af91f1b64e0
Author: Poul-Henning Kamp <phk@FreeBSD.org>
Date: Wed Aug 10 08:48:18 2022 +0000

About trusting backends a bit less

diff --git a/doc/sphinx/phk/barriers.rst b/doc/sphinx/phk/barriers.rst
index cc2728b92..794e57e36 100644
--- a/doc/sphinx/phk/barriers.rst
+++ b/doc/sphinx/phk/barriers.rst
@@ -14,7 +14,9 @@ if you find yourself thinking "Why did he do _that_ ? the answer has to
do with security.

The Varnish security model is based on some very crude but easy to understand
-barriers between the various components::
+barriers between the various components:
+
+.. code-block:: text

.-->- provides ->---------------------------------------.
| | |
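Review bot: `.. code-block::` is a Sphinx directive rather than a docutils one, so any tooling that runs plain docutils over this tree (rst2html, a pre-commit lint) will report an unknown directive where the old `::` literal block parsed everywhere; if portability matters, `.. code:: text` gives the same verbatim rendering in both. Either way the diagram lines that follow the directive still need to stay indented under it, exactly as the `::` form required, or the box drawing is parsed as a paragraph and collapsed.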
diff --git a/doc/sphinx/phk/index.rst b/doc/sphinx/phk/index.rst
index c0374116c..f7ccde00d 100644
--- a/doc/sphinx/phk/index.rst
+++ b/doc/sphinx/phk/index.rst
@@ -13,6 +13,7 @@ You may or may not want to know what Poul-Henning thinks.
.. toctree::
:maxdepth: 1

+ routine.rst
503aroundtheworld.rst
legacy.rst
ip_address.rst
diff --git a/doc/sphinx/phk/routine.rst b/doc/sphinx/phk/routine.rst
new file mode 100644
index 000000000..8cd776ce0
--- /dev/null
+++ b/doc/sphinx/phk/routine.rst
@@ -0,0 +1,42 @@
+..
+ Copyright (c) 2022 Varnish Software AS
+ SPDX-License-Identifier: BSD-2-Clause
+ See LICENSE file for full text of license
+
+.. _phk_routine:
+
+========================
+Getting into the routine
+========================
+
+Yesterday we released `VSV00009 </security/VSV00009.html>`_, a pretty
+harmless DoS from the backend side, which could trivially be mitigated
+in VCL.
+
+By now handling security issues seem to have become routine for the
+project, which is good, because that is the world we live in, and
+bad, because we live in a world where that is a necessary skill.
+
+From the very start of the project, we have treated backends
+as "trusted", in the sense that a lot of nasty stuff we try to handle
+from clients got "dont do that then" treatment from the backend.
+
+That was back when "cloud" were called "mainframes" and "containers"
+were called "jails", way back when CDNs were only for companies
+with more money than skill.
+
+Part of the reasoning was also maximizing compatibility.
+
+Backends were a lot more - let us call it "heterogenous" - back
+then. Some of them were literally kludges nailed to the side of
+legacy newspaper production systems, and sometimes it was obvious
+that they had not heard about RFCs.
+
+For the problem we fixed yesterday, one line of VCL took care of
+the problem, but that is not guaranteed to always be the case.
+
+These days the "web" is a lot more regimented, and expecting
+standards-compliance from backends makes sense, so we will
+tighten the screws in that department as an ongoing activity.
+
+Poul-Henning, 2022-08-05
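Review bot: the link target `</security/VSV00009.html>` is a root-relative path, so it only resolves when the built documentation is served from the same host root as the advisory page; in a locally built or mirrored copy of the docs it dangles. Use the full `https://varnish-cache.org/security/VSV00009.html` URL as the other advisory references in the tree do, or a proper Sphinx cross-reference if the advisories are part of this build. A few wording nits in the same file while it is being touched: "handling security issues seem to have become routine" should read "seems" (the subject is "handling"), "dont" needs its apostrophe, "heterogenous" is spelled "heterogeneous", and "For the problem we fixed yesterday, one line of VCL took care of the problem" repeats "the problem".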
_______________________________________________
varnish-commit mailing list
varnish-commit@varnish-cache.org
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-commit