Custom Query (424 matches)

Is this just a CD problem, or local library problem in general??

From an email sent by Ed Robinson (10 Mar 2008)

I am about to issue a CD containing a Greenstone collection, and I had a friend have a look at it to check that he could install it easily on his machine. One of his comments back to me was:

"The program itself is dangerous – it hosts a local HTTP server on the machine that is then accessible by anyone, not just the user/owner of the program.”

So I would recommend that people disconnect from the internet after launching the program."

Ian's reply:

This is an excellent point, Ed. The Greenstone Local Library does not use an industrial-strength web server, just a mini one. In fact, even industrial-strength servers have security problems: our technical support people ask us to disconnect from the Internet if we test Greenstone using the IIS web server because of security problems, so even Microsoft can't seem to get it right.

Greenstone CD-ROM collections were originally, of course, envisaged for machines without any Internet connectivity. With the widespread uptake of broadband (and consequent growth in the types of attacks that can be perpetrated) personal computers that are connected to the Internet tend to be better setup "out of the box" to warn and/or guard against the risks: ISPs often hook you up with anti-virus schemes, and Windows Defender (an optional free download for Windows XP) is now rebranded and in Windows Vista as standard. Another common configuration at home is to have a local area network set up through a ADSL router or similar, which has firewall functionality built in -- nothing on the LAN is visible to the outside world unless you intentionally change the settings to the firewall. Under these conditions it is safe to use Greenstone CD-ROM collections.

We could -- and now you have pointed this out, probably will -- alter the Local Library server so that by default it only responds to requests from 127.0.0.1/localhost by default, with an option to make it more widely available if you want to take the risk.

Reported by John Rose. I haven't tried it myself.

The new 2.80 CD-ROM asks whether you want to install Java (if it is not there), but when you say yes it just goes on to the question about ImageMagick without installing Java.

Presently the script replace_srcdoc_with_html works when GSDL is running locally. gli/src/org/greenstone/gatherer/gui/ReplaceSrcDocWithHtmlPrompt.java should be adjusted to work when GSDL is remote as well. And then tested.

Once tested, the changes need to be incorporated into Greenstone 3 as well.

$GSDLHOME/bin/script's gsConvert.pl has been changed, and replace_srcdoc_with_html.pl has been added. $GSDLHOME/perllib/plugins now has changes to *.pm files ConvertToPlug and ALL its subclasses, as well as TEXTPlug.pm. $GSDLHOME/perllib/ has changes to acronym.pm, while there are new additions to the file strings.properties. $GSDLHOME/gli/classes/dictionary.properties also has additions.

Finally, there are some changes to gli java source code files too: CollectionTree, CollectionTreeNode, FileManager, Plugin, PluginManager, Plugins. There have been some changes to CollectionManager and GShell to deal with spaces in filepaths.