| [9] | 1 | SECURITY NOTE
|
|---|
| 2 |
|
|---|
| 3 | Al Woodhull <awoodhull@hampshire.edu> 2003-07-05
|
|---|
| 4 |
|
|---|
| 5 | Running a web server is fun, but it's also not without risks. If, like
|
|---|
| 6 | many Minix users, you are a guest on someone else's network, you need
|
|---|
| 7 | to be very careful to operate your server in ways that will not put
|
|---|
| 8 | your system at risk or interfere with others on the net. Here are some
|
|---|
| 9 | points to consider:
|
|---|
| 10 |
|
|---|
| 11 | - Be sure to touch /usr/adm/httpd.log (or whatever you specify as the log
|
|---|
| 12 | file in httpd.conf) before you start your web server for the first time
|
|---|
| 13 | -- nothing will be logged if the log file does not exist. Then look at
|
|---|
| 14 | your log file frequently and be alert for any unusual activity.
|
|---|
| 15 |
|
|---|
| 16 | - You may also want to be sure that tcpd is configured to operate in
|
|---|
| 17 | PARANOID mode. That will enable logging of connection attempts and
|
|---|
| 18 | allow you to use the serv.access (5) file to limit the kinds of
|
|---|
| 19 | connections that your system allows.
|
|---|
| 20 |
|
|---|
| 21 | - If you enable proxy webserving, be very careful, it can be used by
|
|---|
| 22 | people you don't know to visit sites that don't welcome visitors whose
|
|---|
| 23 | identity is hidden. This may cause your network host and ultimately you
|
|---|
| 24 | some unpleasantness.
|
|---|
| 25 |
|
|---|
| 26 | - The Minix httpd can also support CGI applications. These are also
|
|---|
| 27 | dangerous -- a CGI application allows someone else to execute a program
|
|---|
| 28 | on your computer. Make sure anything you allow this way cannot be
|
|---|
| 29 | abused. Many security violations are due to effects of input that was not
|
|---|
| 30 | expected by the original author of a program.
|
|---|
| 31 |
|
|---|
| 32 | - It's an understatement to say that Minix is not a well-known
|
|---|
| 33 | operating system. There are not many Minix systems operating as
|
|---|
| 34 | servers on the internet. A consequence of this is that there few, if
|
|---|
| 35 | any, people engaged in finding ways to attack weaknesses in Minix. But
|
|---|
| 36 | the idea of "security through obscurity" is deprecated by serious
|
|---|
| 37 | computer security experts. Any operating system or program of any
|
|---|
| 38 | degree of complexity is likely to have bugs or features that can be
|
|---|
| 39 | exploited in ways the original programmers did not foresee. You can't
|
|---|
| 40 | count on the "good guys" being the first ones to discover a risk.
|
|---|
| 41 | There are two things you should be sure to do if you are running a
|
|---|
| 42 | network server of any kind:
|
|---|
| 43 |
|
|---|
| 44 | (1) be alert for new versions of the program that may fix bugs
|
|---|
| 45 | discovered by other users, and
|
|---|
| 46 |
|
|---|
| 47 | (2) be sure to report to the program author or maintainer anything you
|
|---|
| 48 | observe that looks like a bug or a way the program can be misused.
|
|---|
