Gossamer Forum
Home : Products : Gossamer Links : Version 1.x :

Security issue : chmod 600

Quote Reply
Security issue : chmod 600
Hello Alex!

It is very easy to make a mod for all the Links + Links SQL scripts in a way that all the defs are accessible only by the scripts of admin. This becomes perticularly important if the installation is on a shared server. If the defs are script
protected than only admin can have access to those defs or db.

This requires a routine that locks and unlocks all the files that needs to be protected at the level of chmod 600!



------------------
rajani











Quote Reply
Re: Security issue : chmod 600 In reply to
I suppose you could also make the files 604 and 605 seeing as most of the time, httpd access the files as nobody:nobody.

The big diff? Anyone that's in the same group as you will not be able to see the files.

On a shared server, where users are usually members of the group "users" it can provide really basic but functional protection. (not much, but a little)
Quote Reply
Re: Security issue : chmod 600 In reply to
Hi,

The only way to get a file owned by your user and 600 is if you use a cgi wrapper like CGIwrap or SUexec. Otherwise, the server needs to be able to read (and if you use the online editor, also write) to the file and it needs to be 644 or 666.

If you are on a shared server with open CGI access, you are taking a risk as anyone can view anyone elses files. You might want to consider a dedicated machine if you need to keep things absolutely secure.

Cheers,

Alex
Quote Reply
Re: Security issue : chmod 600 In reply to
Hello!

I have installed a script that makes chmod 600 accessible by that script only.
I could not download it, read it, nor do anything other than delete it!!!
(User=nobody)

And thats really NOT bad at all on a shared server, eventhough it gives a
basic protection while using REMOTE_USER_AGENT external protection. Its worth it.

And one could encrypt it also. (perl >encypt..)

The defs do not need anymore than chmod 600 anyway Smile

Also all the file must have an internal security routine that will work with a 600 mod file
togather and ask for an external password from password.pm. This means double protection,
however the basic it may be.

Password.pm gives Links SQL different times different chmod automatically.

Moreover the admin.cgi can also be sensitive in this way. If it takes the
IP address of the provider and uses it as an identification that would be the first
step of security. When it finds it that its correct than it asks for the password of the admin.
After the connection is broken, it can change itself into mod 600!!!

The remaining files inside the admin can also be script of admin.cgi driven.
Only script of admin can access them.

May be this is going too far....

------------------
rajani