Hi Alain,
 There are 2 security areas when talking about XWiki: the security of the
 underlying system, and the security of the wiki itself.
 The first one depends a lot on the security of the container (Tomcat,
 for example), and I think that most containers are pretty safe to use,
 as a lot of websites are built on the Java technology. One important
 aspect is the security model of the JVM; you can leave the container
 without a security manager, which allows an application to do anything
 (well, anything the user owning the java process can do on the system),
 or enable the security manager which allows an application to do only
 what you tell it to. While enabling the security manager is the safest
 thing to do, we didn't quite experiment with this, so we can't provide a
 good policy file that will allow XWiki to run, you will have to write it
 yourself; there is a minimal file which allows XWiki to start under the
 security manager, but it isn't tested on more than viewing a page (see
 http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around
 with this policy file until you determine the minimum safe set of rules,
 then you won't have anything to worry about on the system security.
 The second part is a bit trickier, as it depends a lot on how you manage
 users and their rights. If you only grant view and edit rights to people
 you trust, then there shouldn't be any risks. If you open the wiki for
 public registration and public editing, then you will have the problem
 any wiki has: anyone can alter the data. This is where the
 administrator(s) are needed: managing users and their roles/rights. A
 pretty good thing is that XWiki has versioning, so you can always revert
 a document to a previous version, and a recycle bin, so you can recover
 deleted documents.
 Regarding rights, there is a major issue: XWiki has something called the
 Programming right, something that allows users to go beyond simple
 editing, as it allows a user to write scripts that can alter all the
 data in the wiki, or even scripts that can do anything a java program
 can do (even access the filesystem and send data over the network). This
 is where the security manager I talked about above is useful, as it
 restricts what such a script can do on the system. Now, this is
 something you should take extra care about: it is not a problem unless
 you make it one. Never let this right be used in the wiki; it is not
 intended to be granted to normal users but to your "super"
 administrators, who know how and when to use this access right. This
 means that you should only use the default Admin account to setup the
 wiki, then create a normal user for day-to-day editing.
 So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe; it is only
 a matter of proper configuration. It does not contain anything
 inherently unsafe, it is built on a safe platform, with the dangerous
 things (programming right) locked up by default.
 Alain M. wrote:
> Please, can anyone help me on this matter?? I have waited some time but
> didn't get an answer. This is important, any information will help
> -------
>
> If I install xwiki in a VPS, and leave it running, with a firewall that
> leaves open only the port that xwiki is using,
>
> Could it be attacked by a hacker to gain access to the server?
>
> Do I need some extra protection? Is there a security tutorial?
>
 _______________________________________________
 users mailing list
 users(a)xwiki.org
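The reply above contrasts running the container with no security manager (the application can do whatever the OS user running java can do) with running it under a policy that only grants what you list. The program below is an added example written for this thread, not XWiki or Tomcat code, and it does not reproduce the policy file from XWIKI-348. It runs the same two "script" actions (a filesystem read and a network connection) first without a security manager and then under a deny-files-and-sockets policy, so you can see the SecurityException that would stop a script abusing the Programming right. The targets /etc/passwd and 127.0.0.1:9 are made-up sample values, and the policy is written as a Policy subclass instead of a policy file only to keep the example self-contained; the file form for Tomcat would be grant entries in conf/catalina.policy. It assumes a JDK that still ships the security manager: Java 8 to 17 run it as is, Java 18 to 23 need -Djava.security.manager=allow, and Java 24 removed it.

```java
import java.io.File;
import java.io.FilePermission;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.net.Socket;
import java.net.SocketPermission;
import java.security.Permission;
import java.security.Policy;
import java.security.ProtectionDomain;

/*
 * Added example, not XWiki or Tomcat code. Compares application code running
 * with no security manager against the same code under a policy that denies
 * filesystem and network access, which is the kind of access a script written
 * with the Programming right could otherwise obtain.
 */
public class ScriptSandboxDemo {

    /**
     * Policy that grants application classes everything except file and
     * socket permissions. A real deployment lists explicit grants in a policy
     * file; this programmatic form is an assumption made to keep the demo in
     * one file. JDK bootstrap classes carry AllPermission and never consult
     * the Policy, so the harness itself keeps working.
     */
    static final class NoFilesNoNetworkPolicy extends Policy {
        @Override
        public boolean implies(ProtectionDomain domain, Permission permission) {
            if (permission instanceof FilePermission) {
                return false;
            }
            if (permission instanceof SocketPermission) {
                return false;
            }
            return true;
        }
    }

    /** Runs one action and reports whether the security manager stopped it. */
    static String attempt(String label, Runnable action) {
        try {
            action.run();
            return label + ": allowed";
        } catch (SecurityException e) {
            return label + ": denied (" + e.getMessage() + ")";
        } catch (RuntimeException e) {
            // e.g. connection refused: the permission check passed, the action itself failed
            return label + ": allowed but failed (" + e + ")";
        }
    }

    /** What a hostile wiki script might try. Both targets are made-up sample values. */
    static void runUntrustedScript() {
        System.out.println(attempt("read /etc/passwd",
            () -> new File("/etc/passwd").exists()));   // triggers checkRead -> FilePermission
        System.out.println(attempt("connect to 127.0.0.1:9",
            () -> {
                try {
                    new Socket("127.0.0.1", 9).close(); // triggers checkConnect -> SocketPermission
                } catch (IOException e) {
                    throw new UncheckedIOException(e);
                }
            }));
    }

    public static void main(String[] args) {
        System.out.println("-- no security manager: same power as the OS user running java --");
        runUntrustedScript();

        // Install the restrictive policy, then the manager that enforces it.
        // setSecurityManager is deprecated since Java 17 but still functional
        // through Java 23 (with -Djava.security.manager=allow from Java 18 on).
        Policy.setPolicy(new NoFilesNoNetworkPolicy());
        System.setSecurityManager(new SecurityManager());

        System.out.println("-- under the deny-files-and-sockets policy --");
        runUntrustedScript();
    }
}
```

Compile and run with `javac ScriptSandboxDemo.java && java ScriptSandboxDemo` (on Java 18 to 23 use `java -Djava.security.manager=allow ScriptSandboxDemo`). The first pass reports both actions as allowed (the connect typically fails with connection refused, which shows the check itself passed); the second pass reports both as denied. The container-level equivalent is starting Tomcat with `catalina.sh start -security`, which applies conf/catalina.policy, where each `grant codeBase "..." { permission ...; }` entry takes the place of the `implies` method above; that is where you would work out the minimal set of rules the reply mentions.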