

Are attributes excluded from attr_accessible immutable?

I saw one person say “Why would I put anything in attr_accessible? Why would I want any of my attributes to be hackable?”

Including :name in attr_accessible isn’t making it “hackable”, because it’s an attribute that users should be able to change. We don’t care whether he does it via the web app, curl, or anything else: users are allowed to change their own name. If the user tries to change his own name to “Voldemort”, that’s totally fine.

To be more clear, it could be considered “hacking” if a user were able to change everyone’s name to “Voldemort”. attr_accessible can’t prevent this; you need to do proper authentication with something like Authlogic. Regular authentication and access control must be used to prevent users from writing to model instances that they shouldn’t be able to write to. If all users have write access to all other users, attr_accessible will let one user change another’s name attribute if it’s specified. Make no mistake: attr_accessible is no substitute for proper access control. Once you’ve set your controllers up to prevent a user from even attempting to change another user’s data, you’ve prevented this “hack”.

If the user tries to change his own is_teacher attribute from false to true, that’s also considered “hacking”. We don’t want to let users do this, so we exclude :is_teacher from attr_accessible to prevent it. Once access control is done correctly, attr_accessible can be used to prevent a malicious user from altering data of her own that she shouldn’t be able to alter.

An attr_accessible declaration listing only name and email white-lists those two attributes: they will be accepted from a mass-assignment method, while all others will be ignored. This is by far the safest way to do it: only attributes you’ve explicitly allowed (which hopefully means you’ve thought carefully about them) can be set by mass-assignment. This way, if some intern comes along and adds a bunch of dangerous columns or relations (payment_accepted or horcruxes, for example), no one has to think about updating the sanitize methods.
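To answer the question in the heading concretely, here is an added example (not code from the original post and not Rails' own implementation): a small stand-in that mirrors the attr_accessible white-list semantics. It shows that an attribute left out of the list is not immutable, it is simply ignored by mass-assignment, while trusted application code can still set it through the normal setter. The User model, its attributes and the forged params hash are constructed for the example.

```ruby
# Minimal stand-in for the attr_accessible white-list (constructed for this
# example, not Rails' own code): mass-assignment writes only white-listed
# attributes; direct setters stay available to trusted application code.
module MassAssignable
  def self.included(base)
    base.extend(ClassMethods)
  end

  module ClassMethods
    # Declare which attributes may be set from an untrusted params hash.
    def attr_accessible(*names)
      @accessible = names.map(&:to_s)
    end

    def accessible_attributes
      @accessible || []
    end
  end

  # Like `User.new(params)` / `update_attributes(params)`: keys that are not
  # white-listed (including unknown ones) are silently dropped.
  def assign_attributes(params)
    allowed = self.class.accessible_attributes
    params.each do |key, value|
      next unless allowed.include?(key.to_s)
      public_send("#{key}=", value)
    end
    self
  end
end

class User
  include MassAssignable
  attr_accessor :name, :email, :is_teacher
  attr_accessible :name, :email   # :is_teacher deliberately left out

  def initialize(params = {})
    @is_teacher = false
    assign_attributes(params)
  end
end

# Forged request body (constructed): a student trying to promote himself.
params = { "name" => "Voldemort", "email" => "tom@example.com", "is_teacher" => true }
user = User.new(params)
user.is_teacher      # => false: silently ignored by mass-assignment
user.name            # => "Voldemort": allowed, renaming yourself is fine

# The excluded attribute is not immutable: trusted code can still set it.
user.is_teacher = true
user.is_teacher      # => true
```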
