[BioRuby] RFC Caching (was BioRuby standards)

Naohisa GOTO ngoto at gen-info.osaka-u.ac.jp
Thu Sep 18 03:16:59 UTC 2008


Hi Pjotr,

If you don't want to implement any access control,
using a world-writable directory like /tmp (which comes from
ENV['TMPDIR'] or Dir.tmpdir) by default should be disabled,
because this is vulnerable to a symbolic link attack.

About the symbolic link attack, please refer to this document:
http://www.codeproject.com/KB/web-security/TemporaryFileSecurity.aspx
(Note that Ruby's standard TempFile has no problem.)

When the "cache" directory isn't explicitly specified
by the user through the environment variable BIORUBY_CACHE
(or command-line options of a custom application),
doing without a cache should be the default.

It is also good to raise SecurityError when the specified
directory is writable by everyone.

On Wed, 10 Sep 2008 09:48:58 +0200
pjotr2008 at thebird.nl (Pjotr Prins) wrote:

> Hi Naohisa,
> 
> Thanks for comments. See below.
> 
> On Wed, Sep 10, 2008 at 10:48:20AM +0900, Naohisa GOTO wrote:
> > Hi,
> > 
> > I think the most important thing for cache is data integrity.
> > For example, timing for detecting updates of original data,
> > controlling accesses and resolving race conditions
> > (two or more processes or threads simultaneously want to
> > use, update, create, and/or remove the same cache data).
> > However, your code only contains directory name determination.
> 
> Well, caching is a universal term for storing stuff intermediately.
> And what I need is a place to put files. With regard to race
> conditions you are right - if two processes were to download the same
> file it would get mangled. However, them being XML the program would
> throw an error on parsing. For me that works well enough. For BioRuby
> we may need to think of something more universal - and it is not that
> hard to do. That is why I wrote my earlier mail. If you want to
> support something universal it should be at a higher point in the
> source tree.
> 
> But maybe leave it until someone gets an itch to scratch.

If the mangled XML was unfortunately syntactically valid XML,
no obvious error but incorrect data could be obtained.
However, now, I believe "that works well enough".

Please write a document in RDoc about the limitation of
the current implementation when a race condition occurs.

> > line 24:
> > >      def set directory, subdir = nil
> > 
> > In def lines, please use parentheses explicitly,
> > e.g.   def set(directory, subdir = nil),
> > because most of existing code in BioRuby does so.
> 
> I like the 'most'. But OK.
> 
> > line 28:
> > >         dir = dir + '/' + subdir
> > 
> > File.join(dir, subdir) should be used, possibly to support
> > non-UNIX systems like Windows.
> 
> OK
> 
> > lines 41 to 45:
> > >          if cache==nil or cache==''
> > >            cache = ENV['TMPDIR']
> > >          end
> > >          cache = '/tmp' if cache==nil or cache==''
> > >          set cache, subdir
> > 
> > Using Dir.tmpdir defined in tempdir.rb is better.
> > http://www.ruby-doc.org/stdlib/libdoc/tmpdir/rdoc/index.html
> 
> Thanks,
> 
> Pj.

Naohisa Goto
ngoto at gen-info.osaka-u.ac.jp / ng at bioruby.org
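
The policy proposed in this message, as an added Ruby example that is not part of the original mail or of BioRuby's code: caching stays off unless BIORUBY_CACHE is set, and a world-writable directory raises SecurityError. The module name CachePolicy, its method names, and the extra rejection of symbolic links are assumptions made for illustration.

```ruby
# Added example; CachePolicy is a hypothetical helper, not BioRuby API.
module CachePolicy
  module_function

  # Returns the cache directory, or nil when caching is disabled.
  # Caching is opt-in: no fallback to ENV['TMPDIR'] or Dir.tmpdir.
  def resolve(env = ENV, subdir = nil)
    base = env['BIORUBY_CACHE']
    return nil if base.nil? || base.empty?

    check_dir!(base)
    return base if subdir.nil?

    dir = File.join(base, subdir)
    begin
      Dir.mkdir(dir, 0o700) # atomic: fails if any entry already has this name
    rescue Errno::EEXIST
      # Pre-existing entry: validated below before it is trusted.
    end
    check_dir!(dir)
  end

  # Raises SecurityError unless dir is a real directory that is not
  # writable by everyone. lstat is used so that a symbolic link planted
  # at this path is inspected itself rather than followed.
  def check_dir!(dir)
    st = File.lstat(dir)
    raise SecurityError, "#{dir} is a symbolic link" if st.symlink?
    raise SecurityError, "#{dir} is not a directory" unless st.directory?
    raise SecurityError, "#{dir} is writable by everyone" if st.world_writable?

    dir
  end
end
```

SecurityError does not inherit from StandardError, so a bare `rescue` will not catch it; callers must rescue it by name.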



