I was wondering what security issues I might need to worry about. The various permissions are of immediate concern but there may be other items to consider.
Any comments you could make?
Thanks, Jon Lloyd
2) Angus TurnbullGroup: Moderators Posts: 4042Joined: 7 Dec 2003Location: New ZealandIP: 210.54.--.--
Posted:
What kind of security issues? As in users getting/editing forum data they shouldn't (mostly an annoyance), or login access to the webserver itself (potentiall very serious)?
Either way I'm not aware of any issues with the script at present. That's not to say there is a guarantee that it's perfect though; no software is.
- Angus.
3) Jon LloydGroup: Guests IP: 216.209.--.--
Posted:
I was thinking about the serious access of the web site if I've opened up the permissions on the various script files too much
Jon
4) Angus TurnbullGroup: Moderators Posts: 4042Joined: 7 Dec 2003Location: New ZealandIP: 210.54.--.--
Posted:
There's always that risk with CGI scripts. I've tried to avoid doing any stupid things involving file I/O operations (most CGI attacks involve sending scripts hand-crafted data to read/write files it shouldn't on the server, or run commands), but you should always assume your scripts are insecure and both (a) assign them the minimal privileges necessary to operate and (b) take regular backups of your server content.
- Angus.
5) Jon LloydGroup: Guests IP: 216.209.--.--
Posted:
Angus,
What would be the minimum priveileges... or is that very server specific?
Jon Lloyd
6) Angus TurnbullGroup: Moderators Posts: 4042Joined: 7 Dec 2003Location: New ZealandIP: 210.54.--.--
Posted:
It's server specific for the most part. For your part, you'll need execute privileges for the script itself (but no ability to read/write to the .PL file is needed), and allow it to read and write to its data folder and subfolders. The data folder should not be visible at all from a web browser, I recommend placing it somewhere outside the document root for the server.
Ideally the script won't be able to read and write anything else, but that's for the server admin to select as it involves usergroups and process privileges etc. on the server.