Show
Ignore:
Timestamp:
23.11.2012 16:38:44 (7 years ago)
Author:
ak19
Message:

First step to improving the security issues in GS2 and GS3: now GS2's httpd.conf is set up to deny access to .gdb files, since users.gdb is to be made inaccessible. Tested that connecting to a remote (Win) GS3 server under a new user account still works (from a Linux GLI client).

Location:
main/trunk/greenstone2/runtime-src/packages/apache-httpd
Files:
2 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/runtime-src/packages/apache-httpd/httpd.conf.in

    r24901 r26512  
    444444     Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
    445445  </Directory> 
     446 
     447# Deny access to users.gdb (and other gdb files) 
     448# Tested with remote GS2 server on Windows against linux client 
     449# If any issues, can try appending the line:  
     450#   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
     451  <FilesMatch "\.gdb"> 
     452     Order deny,allow 
     453     Deny from all 
     454  </FilesMatch> 
  • main/trunk/greenstone2/runtime-src/packages/apache-httpd/windows-httpd.conf.in

    r24902 r26512  
    522522     Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
    523523  </Directory> 
     524 
     525# Deny access to users.gdb (and other gdb files) 
     526# Tested with remote GS2 server on Windows against linux client 
     527# If any issues, can try appending the line:  
     528#   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost 
     529  <FilesMatch "\.gdb"> 
     530     Order deny,allow 
     531     Deny from all 
     532  </FilesMatch>