Ticket #269 (closed defect: fixed)

Opened 12 years ago

Last modified 10 years ago

Greenstone CDROM - security risk?

Reported by: kjdon Owned by: nobody
Priority: moderate Milestone: CD-ROM Release for UNESCO
Component: Greenstone2 Runtime Severity: major
Keywords: Cc:

Description

Is this just a CD problem, or local library problem in general??

From an email sent by Ed Robinson (10 Mar 2008)

I am about to issue a CD containing a Greenstone collection, and I had a friend have a look at it to check that he could install it easily on his machine. One of his comments back to me was:

"The program itself is dangerous – it hosts a local HTTP server on the machine that is then accessible by anyone, not just the user/owner of the program.”

So I would recommend that people disconnect from the internet after launching the program."

Ian's reply:

This is an excellent point, Ed. The Greenstone Local Library does not use an industrial-strength web server, just a mini one. In fact, even industrial-strength servers have security problems: our technical support people ask us to disconnect from the Internet if we test Greenstone using the IIS web server because of security problems, so even Microsoft can't seem to get it right.

Greenstone CD-ROM collections were originally, of course, envisaged for machines without any Internet connectivity. With the widespread uptake of broadband (and consequent growth in the types of attacks that can be perpetrated) personal computers that are connected to the Internet tend to be better setup "out of the box" to warn and/or guard against the risks: ISPs often hook you up with anti-virus schemes, and Windows Defender (an optional free download for Windows XP) is now rebranded and in Windows Vista as standard. Another common configuration at home is to have a local area network set up through a ADSL router or similar, which has firewall functionality built in -- nothing on the LAN is visible to the outside world unless you intentionally change the settings to the firewall. Under these conditions it is safe to use Greenstone CD-ROM collections.

We could -- and now you have pointed this out, probably will -- alter the Local Library server so that by default it only responds to requests from 127.0.0.1/localhost by default, with an option to make it more widely available if you want to take the risk.

Change History

Changed 12 years ago by kjdon

  • component changed from Greenstone2 Runtime to Collection Exporting
  • severity set to major

Changed 11 years ago by kjdon

  • component changed from Collection Exporting to Greenstone2 Runtime
  • milestone set to CD-ROM Release for UNESCO

For unesco contract, we have agreed to increase local library security by providing an option (on by default) to restrict it to serve requests only from localhost/127.0.0.1

Changed 10 years ago by oranfry

  • status changed from new to closed
  • resolution set to fixed
Note: See TracTickets for help on using tickets.