Does the ModelDriven interface pose a security exploit in Struts2?

情话喂你 2020-12-20 03:47

Background: I coded a Struts2 ActionSupport class with ModelDriven. It's a Hibernate/Spring web app, using OSIV and attached entities in the view (JSP).

I received

2 answers

• 情书的邮戳 2020-12-20 04:01

Your architect is right: putting objects with access to sensitive information on the ValueStack poses a potential security risk. A malicious user could indeed reset the password with the above attack.

BUT:

Since he is an architect, he should have designed ways for proper validation/restriction of input parameters. Using the ParamsInterceptor in Struts2, it's fairly easy to only allow specific parameters to be passed to an action. Thus, it's not your work that sucks, it's your system's architecture. Developers should be able to focus on implementing business logic. The infrastructure must be provided by the architect.

Cheers,

w
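As an added example (not code from the question or the answer above), this is one way to do what the answer suggests: a ModelDriven action that implements Struts2's ParameterNameAware so the params interceptor only applies whitelisted parameter names to the model. The package, class and field names are assumptions for illustration.

```java
// Added example, not from the original post. Package and class names are assumed.
package example.web;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;

import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.ModelDriven;
import com.opensymphony.xwork2.interceptor.ParameterNameAware;

public class UpdateProfileAction extends ActionSupport
        implements ModelDriven<UpdateProfileAction.UserProfile>, ParameterNameAware {

    // Only these top-level parameter names may be applied to the model by the
    // params interceptor. Anything else the client submits (e.g. "passwordHash",
    // "id", or an OGNL path into a nested object) is dropped before it reaches
    // the entity that sits on the ValueStack.
    private static final Set<String> ALLOWED = Collections.unmodifiableSet(
            new HashSet<String>(Arrays.asList("displayName", "email")));

    private final UserProfile model = new UserProfile();

    @Override
    public UserProfile getModel() {
        return model;
    }

    // ParametersInterceptor calls this for every incoming parameter name;
    // returning false makes the interceptor skip that parameter entirely.
    @Override
    public boolean acceptableParameterName(String parameterName) {
        if (parameterName.contains(".") || parameterName.contains("[")) {
            return false; // no navigation into nested properties or collections
        }
        return ALLOWED.contains(parameterName);
    }

    @Override
    public String execute() {
        // Business logic here: only displayName and email can have been set.
        return SUCCESS;
    }

    // Assumed model class: a minimal stand-in for the attached entity.
    public static class UserProfile {
        private String displayName, email, passwordHash;
        public String getDisplayName() { return displayName; }
        public void setDisplayName(String v) { displayName = v; }
        public String getEmail() { return email; }
        public void setEmail(String v) { email = v; }
        public String getPasswordHash() { return passwordHash; }
        public void setPasswordHash(String v) { passwordHash = v; }
    }
}
```

The whitelist is applied in addition to the interceptor's own excludeParams/acceptParamNames configuration in struts.xml, so a parameter has to pass both checks before it is set.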
