Opened 13 years ago

Closed 11 years ago

#269 closed defect (fixed)

Greenstone CDROM - security risk?

Reported by: kjdon Owned by: nobody
Priority: moderate Milestone: CD-ROM Release for UNESCO
Component: Greenstone2 Runtime Severity: major
Keywords: Cc:


Is this just a CD problem, or local library problem in general??

From an email sent by Ed Robinson (10 Mar 2008)

I am about to issue a CD containing a Greenstone collection, and I had a friend have a look at it to check that he could install it easily on his machine. One of his comments back to me was:

"The program itself is dangerous – it hosts a local HTTP server on the machine that is then accessible by anyone, not just the user/owner of the program.”

So I would recommend that people disconnect from the internet after launching the program."

Ian's reply:

This is an excellent point, Ed. The Greenstone Local Library does not use an industrial-strength web server, just a mini one. In fact, even industrial-strength servers have security problems: our technical support people ask us to disconnect from the Internet if we test Greenstone using the IIS web server because of security problems, so even Microsoft can't seem to get it right.

Greenstone CD-ROM collections were originally, of course, envisaged for machines without any Internet connectivity. With the widespread uptake of broadband (and consequent growth in the types of attacks that can be perpetrated) personal computers that are connected to the Internet tend to be better setup "out of the box" to warn and/or guard against the risks: ISPs often hook you up with anti-virus schemes, and Windows Defender (an optional free download for Windows XP) is now rebranded and in Windows Vista as standard. Another common configuration at home is to have a local area network set up through a ADSL router or similar, which has firewall functionality built in -- nothing on the LAN is visible to the outside world unless you intentionally change the settings to the firewall. Under these conditions it is safe to use Greenstone CD-ROM collections.

We could -- and now you have pointed this out, probably will -- alter the Local Library server so that by default it only responds to requests from by default, with an option to make it more widely available if you want to take the risk.

Change History (3)

comment:1 by kjdon, 13 years ago

Component: Greenstone2 RuntimeCollection Exporting
Severity: major

comment:2 by kjdon, 12 years ago

Component: Collection ExportingGreenstone2 Runtime
Milestone: CD-ROM Release for UNESCO

For unesco contract, we have agreed to increase local library security by providing an option (on by default) to restrict it to serve requests only from localhost/

comment:3 by oranfry, 11 years ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.