10 May
2008
10 May
'08
3:01 a.m.
Please, can anyone help me on this matter?? I have waited some time but
didn't get an answer. This is important, any information will help
-------
If I install xwiki in a VPS, and leave it running, with a firewall that
leaves open only the port that xwiki is using,
Could it be atacked by a hacker to gain access to the server?
Do I need some extra protection? Is there a security tutorial?
thanks
Alain
10 May
10 May
3:37 a.m.
New subject: [xwiki-users] How safe is xwiki?
Hi Alain,
There are 2 security areas when talking about XWiki: the security of the
underlying system, and the security of the wiki itself.
The first one depends a lot on the security of the container (Tomcat,
for example), and I think that most containers are pretty safe to use,
as a lot of websites are built on the Java technology. One important
aspect is the security model of the JVM; you can leave the container
without a security manager, which allows an application to do anything
(well, anything the user owning the java process can do on the system),
or enable the security manager which allows an application to do only
what you tell it to. While enabling the security manager is the safest
thing to do, we didn't quite experiment with this, so we can't provide a
good policy file that will allow XWiki to run, you will have to write it
yourself; there is a minimal file which allows XWiki to start under the
security manager, but it isn't tested on more than viewing a page (see
http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around
with this policy file until you determine the minimum safe set of rules,
then you won't have anything to worry about on the system security.
The second part is a bit trickier, as it depends a lot on how you manage
users and their rights. If you only grant view and edit rights to people
you trust, then there shouldn't be any risks. If you open the wiki for
public registration and public editing, then you will have the problem
any wiki has: anyone can alter the data. This is where the
administrator(s) are needed: managing users and their roles/rights. A
pretty good thing is that XWiki has versioning, so you can always revert
a document to a previous version, and a recycle bin, so you can recover
deleted documents.
Regarding rights, there is a major issue: XWiki has something called the
Programming right, something that allows users to go beyond simple
editing, as it allows a user to write scripts that can alter all the
data in the wiki, or even scripts that can do anything a java program
can do (even access the filesystem and send data over the network). This
is where the security manager I talked about above is useful, as it
restricts what such a script can do on the system. Now, this is
something you should take extra care about: it is not a problem unless
you make it one. Never let this right be used in the wiki, it is not
intended to be granted to normal users but to your "super"
administrators, who know how and when to use this access right. This
means that you should only use the default Admin account to setup the
wiki, then create a normal user for day-to-day editing.
So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only
a matter of proper configuration. It does not contain anything
inherently unsafe, it is built on a safe platform, with the dangerous
things (programming right) locked up by default.
Alain M. wrote:
Please, can anyone help me on this matter?? I have
waited some time but
didn't get an answer. This is important, any information will help
-------
If I install xwiki in a VPS, and leave it running, with a firewall that
leaves open only the port that xwiki is using,
Could it be atacked by a hacker to gain access to the server?
Do I need some extra protection? Is there a security tutorial?
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
5:11 a.m.
New subject: [xwiki-users] How safe is xwiki?
Hi Sergiu,
ok, I can say then that:
1) Container security doesn't seam to a major concern, or you would have
been more preocupied. I will seek a qualified professional and pass
him your information.
2) wiki secure by it's users is up to me :) this is quite normal
BUT the real question: is if xwiki by it self has security issues. Let
me give an example: php has a weekness known as "sql injection".
Is XWiki prone to the same kind of problem?
Thanks,
Alain
Sergiu Dumitriu escreveu:
Hi Alain,
There are 2 security areas when talking about XWiki: the security of the
underlying system, and the security of the wiki itself.
The first one depends a lot on the security of the container (Tomcat,
for example), and I think that most containers are pretty safe to use,
as a lot of websites are built on the Java technology. One important
aspect is the security model of the JVM; you can leave the container
without a security manager, which allows an application to do anything
(well, anything the user owning the java process can do on the system),
or enable the security manager which allows an application to do only
what you tell it to. While enabling the security manager is the safest
thing to do, we didn't quite experiment with this, so we can't provide a
good policy file that will allow XWiki to run, you will have to write it
yourself; there is a minimal file which allows XWiki to start under the
security manager, but it isn't tested on more than viewing a page (see
http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around
with this policy file until you determine the minimum safe set of rules,
then you won't have anything to worry about on the system security.
The second part is a bit trickier, as it depends a lot on how you manage
users and their rights. If you only grant view and edit rights to people
you trust, then there shouldn't be any risks. If you open the wiki for
public registration and public editing, then you will have the problem
any wiki has: anyone can alter the data. This is where the
administrator(s) are needed: managing users and their roles/rights. A
pretty good thing is that XWiki has versioning, so you can always revert
a document to a previous version, and a recycle bin, so you can recover
deleted documents.
Regarding rights, there is a major issue: XWiki has something called the
Programming right, something that allows users to go beyond simple
editing, as it allows a user to write scripts that can alter all the
data in the wiki, or even scripts that can do anything a java program
can do (even access the filesystem and send data over the network). This
is where the security manager I talked about above is useful, as it
restricts what such a script can do on the system. Now, this is
something you should take extra care about: it is not a problem unless
you make it one. Never let this right be used in the wiki, it is not
intended to be granted to normal users but to your "super"
administrators, who know how and when to use this access right. This
means that you should only use the default Admin account to setup the
wiki, then create a normal user for day-to-day editing.
So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only
a matter of proper configuration. It does not contain anything
inherently unsafe, it is built on a safe platform, with the dangerous
things (programming right) locked up by default.
Alain M. wrote:
Please, can anyone help me on this matter?? I
have waited some time but
didn't get an answer. This is important, any information will help
-------
If I install xwiki in a VPS, and leave it running, with a firewall that
leaves open only the port that xwiki is using,
Could it be atacked by a hacker to gain access to the server?
Do I need some extra protection? Is there a security tutorial?
8:55 a.m.
New subject: [xwiki-users] How safe is xwiki?
Thanks for this explanation. Sergiu. Could this be the seed for a
Security entry in the General Links right side menu in XWiki.org?
It will be at least in EPEC Network! :-)
Cheers,
Ricardo
Sergiu Dumitriu wrote:
Hi Alain,
There are 2 security areas when talking about XWiki: the security of the
underlying system, and the security of the wiki itself.
The first one depends a lot on the security of the container (Tomcat,
for example), and I think that most containers are pretty safe to use,
as a lot of websites are built on the Java technology. One important
aspect is the security model of the JVM; you can leave the container
without a security manager, which allows an application to do anything
(well, anything the user owning the java process can do on the system),
or enable the security manager which allows an application to do only
what you tell it to. While enabling the security manager is the safest
thing to do, we didn't quite experiment with this, so we can't provide a
good policy file that will allow XWiki to run, you will have to write it
yourself; there is a minimal file which allows XWiki to start under the
security manager, but it isn't tested on more than viewing a page (see
http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around
with this policy file until you determine the minimum safe set of rules,
then you won't have anything to worry about on the system security.
The second part is a bit trickier, as it depends a lot on how you manage
users and their rights. If you only grant view and edit rights to people
you trust, then there shouldn't be any risks. If you open the wiki for
public registration and public editing, then you will have the problem
any wiki has: anyone can alter the data. This is where the
administrator(s) are needed: managing users and their roles/rights. A
pretty good thing is that XWiki has versioning, so you can always revert
a document to a previous version, and a recycle bin, so you can recover
deleted documents.
Regarding rights, there is a major issue: XWiki has something called the
Programming right, something that allows users to go beyond simple
editing, as it allows a user to write scripts that can alter all the
data in the wiki, or even scripts that can do anything a java program
can do (even access the filesystem and send data over the network). This
is where the security manager I talked about above is useful, as it
restricts what such a script can do on the system. Now, this is
something you should take extra care about: it is not a problem unless
you make it one. Never let this right be used in the wiki, it is not
intended to be granted to normal users but to your "super"
administrators, who know how and when to use this access right. This
means that you should only use the default Admin account to setup the
wiki, then create a normal user for day-to-day editing.
So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only
a matter of proper configuration. It does not contain anything
inherently unsafe, it is built on a safe platform, with the dangerous
things (programming right) locked up by default.
Alain M. wrote:
--
Ricardo RodrÃguez
Your EPEC Network ICT Team
Please, can anyone help me on this matter?? I
have waited some time but
didn't get an answer. This is important, any information will help
-------
If I install xwiki in a VPS, and leave it running, with a firewall that
leaves open only the port that xwiki is using,
Could it be atacked by a hacker to gain access to the server?
Do I need some extra protection? Is there a security tutorial?
9:20 a.m.
New subject: [xwiki-users] How safe is xwiki?
Hi Alain,
Alain M. wrote:
Hi Sergiu,
ok, I can say then that:
1) Container security doesn't seam to a major concern, or you would have
been more preocupied. I will seek a qualified professional and pass
him your information.
2) wiki secure by it's users is up to me :) this is quite normal
BUT the real question: is if xwiki by it self has security issues. Let
me give an example: php has a weekness known as "sql injection".
Just a brief comment as my skills aren't enough to keep this discussion:
you are comparing two different things. PHP can not be one term of the
comparison. You can compare PHP with Java; or XWiki with MediaWiki (the
first running on a Java servlet container, the second running on PHP.
We come from MediaWiki. We was pretty happy there, but we where missing
a number of things. Granularity in access control was the main one.
XWiki is walking fast toward a powerful rights managing system.
Hope this helps,
Ricardo
Is XWiki prone to the same kind of problem?
Thanks,
Alain
--
Ricardo RodrÃguez
Your EPEC Network ICT Team
9:40 a.m.
New subject: [xwiki-users] How safe is xwiki?
Alain M. wrote:
Hi Sergiu,
ok, I can say then that:
1) Container security doesn't seam to a major concern, or you would have
been more preocupied. I will seek a qualified professional and pass
him your information.
2) wiki secure by it's users is up to me :) this is quite normal
BUT the real question: is if xwiki by it self has security issues. Let
me give an example: php has a weekness known as "sql injection".
Is XWiki prone to the same kind of problem?
Alain,
I run a web hosting service. 99% of the applications deployed are JAVA
based.
1% of the applications are PHP based. HOWEVER 99% of all application
related security
issues we deal with are related to PHP.
Thanks,
Alain
Sergiu Dumitriu escreveu:
Hi Alain,
There are 2 security areas when talking about XWiki: the security of the
underlying system, and the security of the wiki itself.
The first one depends a lot on the security of the container (Tomcat,
for example), and I think that most containers are pretty safe to use,
as a lot of websites are built on the Java technology. One important
aspect is the security model of the JVM; you can leave the container
without a security manager, which allows an application to do anything
(well, anything the user owning the java process can do on the system),
or enable the security manager which allows an application to do only
what you tell it to. While enabling the security manager is the safest
thing to do, we didn't quite experiment with this, so we can't provide a
good policy file that will allow XWiki to run, you will have to write it
yourself; there is a minimal file which allows XWiki to start under the
security manager, but it isn't tested on more than viewing a page (see
http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around
with this policy file until you determine the minimum safe set of rules,
then you won't have anything to worry about on the system security.
The second part is a bit trickier, as it depends a lot on how you manage
users and their rights. If you only grant view and edit rights to people
you trust, then there shouldn't be any risks. If you open the wiki for
public registration and public editing, then you will have the problem
any wiki has: anyone can alter the data. This is where the
administrator(s) are needed: managing users and their roles/rights. A
pretty good thing is that XWiki has versioning, so you can always revert
a document to a previous version, and a recycle bin, so you can recover
deleted documents.
Regarding rights, there is a major issue: XWiki has something called the
Programming right, something that allows users to go beyond simple
editing, as it allows a user to write scripts that can alter all the
data in the wiki, or even scripts that can do anything a java program
can do (even access the filesystem and send data over the network). This
is where the security manager I talked about above is useful, as it
restricts what such a script can do on the system. Now, this is
something you should take extra care about: it is not a problem unless
you make it one. Never let this right be used in the wiki, it is not
intended to be granted to normal users but to your "super"
administrators, who know how and when to use this access right. This
means that you should only use the default Admin account to setup the
wiki, then create a normal user for day-to-day editing.
So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only
a matter of proper configuration. It does not contain anything
inherently unsafe, it is built on a safe platform, with the dangerous
things (programming right) locked up by default.
Alain M. wrote:
> Please, can anyone help me on this matter?? I have waited some time but
> didn't get an answer. This is important, any information will help
> -------
>
> If I install xwiki in a VPS, and leave it running, with a firewall that
> leaves open only the port that xwiki is using,
>
> Could it be atacked by a hacker to gain access to the server?
>
> Do I need some extra protection? Is there a security tutorial?
>
>
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
1:46 p.m.
New subject: [xwiki-users] How safe is xwiki?
Hello Alain,
Hi Sergiu,
ok, I can say then that:
1) Container security doesn't seam to a major concern, or you would have
been more preocupied. I will seek a qualified professional and pass
him your information.
If you are looking for a highly secured server, the container security
SHOULD be for you a major concern, since this is where you can narrow
down things the contained webapps (would it be XWiki, or any other webapp)
can do, as Sergiu explained in his mail. Especially for XWiki, since some
of your users may be allowed to execute (potentially harmful) groovy code.
For tomcat for example, you can first read
http://tomcat.apache.org/tomcat-5.5-doc/security-manager-howto.html
2) wiki secure by it's users is up to me :) this
is quite normal
BUT the real question: is if xwiki by it self has security issues. Let
me give an example: php has a weekness known as "sql injection".
SQL injection is a type of issue which relates to any application database
layer, not just to php applications (it can also exist on Java application
that uses the JDBC API for example).
Is XWiki prone to the same kind of problem?
I'm wondering what kind of answer you can expect here : We won't say XWiki
is "perfectly secured", because there are no such things as perfectly
secured systems in the nature yet ; On the other side, if we hypoteticly
had known unresolved security issues, we would not tell about them here
either, because, well they are unresolved security issues that could be
exploited on running servers.
Hope this helps,
Jerome.
Thanks,
Alain
Sergiu Dumitriu escreveu:
Hi Alain,
There are 2 security areas when talking about XWiki: the security of the
underlying system, and the security of the wiki itself.
The first one depends a lot on the security of the container (Tomcat,
for example), and I think that most containers are pretty safe to use,
as a lot of websites are built on the Java technology. One important
aspect is the security model of the JVM; you can leave the container
without a security manager, which allows an application to do anything
(well, anything the user owning the java process can do on the system),
or enable the security manager which allows an application to do only
what you tell it to. While enabling the security manager is the safest
thing to do, we didn't quite experiment with this, so we can't provide a
good policy file that will allow XWiki to run, you will have to write it
yourself; there is a minimal file which allows XWiki to start under the
security manager, but it isn't tested on more than viewing a page (see
http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around
with this policy file until you determine the minimum safe set of rules,
then you won't have anything to worry about on the system security.
The second part is a bit trickier, as it depends a lot on how you manage
users and their rights. If you only grant view and edit rights to people
you trust, then there shouldn't be any risks. If you open the wiki for
public registration and public editing, then you will have the problem
any wiki has: anyone can alter the data. This is where the
administrator(s) are needed: managing users and their roles/rights. A
pretty good thing is that XWiki has versioning, so you can always revert
a document to a previous version, and a recycle bin, so you can recover
deleted documents.
Regarding rights, there is a major issue: XWiki has something called the
Programming right, something that allows users to go beyond simple
editing, as it allows a user to write scripts that can alter all the
data in the wiki, or even scripts that can do anything a java program
can do (even access the filesystem and send data over the network). This
is where the security manager I talked about above is useful, as it
restricts what such a script can do on the system. Now, this is
something you should take extra care about: it is not a problem unless
you make it one. Never let this right be used in the wiki, it is not
intended to be granted to normal users but to your "super"
administrators, who know how and when to use this access right. This
means that you should only use the default Admin account to setup the
wiki, then create a normal user for day-to-day editing.
So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only
a matter of proper configuration. It does not contain anything
inherently unsafe, it is built on a safe platform, with the dangerous
things (programming right) locked up by default.
Alain M. wrote:
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Please, can anyone help me on this matter?? I
have waited some time but
didn't get an answer. This is important, any information will help
-------
If I install xwiki in a VPS, and leave it running, with a firewall that
leaves open only the port that xwiki is using,
Could it be atacked by a hacker to gain access to the server?
Do I need some extra protection? Is there a security tutorial?
12 May
12 May
7:07 p.m.
New subject: [xwiki-users] How safe is xwiki?
Multiple answer:
Jerome Velociter escreveu:
You have a point here :) but then I can be reasonably tranquil that
security issues are taken care of...
------------
Ronald Parris escreveu:
Is XWiki prone to the same kind of problem?
I'm wondering what kind of answer you can expect here : We won't say XWiki
is "perfectly secured", because there are no such things as perfectly
secured systems in the nature yet ; On the other side, if we hypoteticly
had known unresolved security issues, we would not tell about them here
either, because, well they are unresolved security issues that could be
exploited on running servers. I run a web hosting service. 99% of the applications
deployed are
JAVA based.
1% of the applications are PHP based. HOWEVER 99% of all application
related security issues we deal with are related to PHP.
Ok, that is a reassuring information
----------
[Ricardo Rodriguez] Your EPEC Network ICT Team escreveu:
you are comparing two different things. PHP can not be one term of the
comparison. You can compare PHP with Java; or XWiki with MediaWiki
(the first
running on a Java servlet container, the second running on PHP.
Form Ronald's answer above, I can see that Java is reasonably safe as a
platform. I was not comparing PHP and XWiki, just giving an example ao
security issue...
------------
From all your answers, I feel safe enough about using XWiki.
Thanks to all,
Alain
Hope this helps,
Jerome.
Thanks,
Alain
Sergiu Dumitriu escreveu:
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Hi Alain,
There are 2 security areas when talking about XWiki: the security of the
underlying system, and the security of the wiki itself.
The first one depends a lot on the security of the container (Tomcat,
for example), and I think that most containers are pretty safe to use,
as a lot of websites are built on the Java technology. One important
aspect is the security model of the JVM; you can leave the container
without a security manager, which allows an application to do anything
(well, anything the user owning the java process can do on the system),
or enable the security manager which allows an application to do only
what you tell it to. While enabling the security manager is the safest
thing to do, we didn't quite experiment with this, so we can't provide a
good policy file that will allow XWiki to run, you will have to write it
yourself; there is a minimal file which allows XWiki to start under the
security manager, but it isn't tested on more than viewing a page (see
http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around
with this policy file until you determine the minimum safe set of rules,
then you won't have anything to worry about on the system security.
The second part is a bit trickier, as it depends a lot on how you manage
users and their rights. If you only grant view and edit rights to people
you trust, then there shouldn't be any risks. If you open the wiki for
public registration and public editing, then you will have the problem
any wiki has: anyone can alter the data. This is where the
administrator(s) are needed: managing users and their roles/rights. A
pretty good thing is that XWiki has versioning, so you can always revert
a document to a previous version, and a recycle bin, so you can recover
deleted documents.
Regarding rights, there is a major issue: XWiki has something called the
Programming right, something that allows users to go beyond simple
editing, as it allows a user to write scripts that can alter all the
data in the wiki, or even scripts that can do anything a java program
can do (even access the filesystem and send data over the network). This
is where the security manager I talked about above is useful, as it
restricts what such a script can do on the system. Now, this is
something you should take extra care about: it is not a problem unless
you make it one. Never let this right be used in the wiki, it is not
intended to be granted to normal users but to your "super"
administrators, who know how and when to use this access right. This
means that you should only use the default Admin account to setup the
wiki, then create a normal user for day-to-day editing.
So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only
a matter of proper configuration. It does not contain anything
inherently unsafe, it is built on a safe platform, with the dangerous
things (programming right) locked up by default.
Alain M. wrote:
> Please, can anyone help me on this matter?? I have waited some time but
> didn't get an answer. This is important, any information will help
> -------
>
> If I install xwiki in a VPS, and leave it running, with a firewall that
> leaves open only the port that xwiki is using,
>
> Could it be atacked by a hacker to gain access to the server?
>
> Do I need some extra protection? Is there a security tutorial?
>
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
6008
days inactive
6010
days old
7 comments
5 participants
participants (5)
-
[Ricardo Rodriguez] Your EPEC Network ICT Team -
Alain M. -
Jerome Velociter -
Ronald Parris -
Sergiu Dumitriu