W2H: Notes on Security

The applications developed to be used through the WWW interface should be always carefully considered from the point of possible security holes. The WWW tools, specially CGI scripts are very powerful and used in the wrong way can make your system vulnerable against the wanted or unwanted attacks.

The W2H design must take into consideration the security issues even more because it enables an access to the server computer completely, of course only for registered users. The following security aspects are the most important:

How to protect the server machine against the unauthorized users.
How to protect the user data against an un-allowed access by other users.
How to protect W2H tools to be miss-used by accessing them in the normal UNIX way, not via HTTP server.

Only for registered users

The authentication is done by standard means of the http communication. The first time in the current session when a user wants to access a W2H tool, a two-lines form appears on the screen asking to put a user name and password. In some cases this authentication procedure can be displayed more than once but always only at the beginning.

When properly answered, the current WWW browser (The Netscape Navigator) becomes an open gate to the user account on the server side. It is very similar like to have open a telnet session. Now, it's up to you to protect your screen against miss-using by somebody else. Be careful that the authentication is permanent until you exit your browser.

The authentication does not end by exiting the GCG session!

Note that you must have an UNIX account on the server machine to be able to use W2H. The user name and password used in the authentication procedure are normally identical with the login name and password used by other UNIX accesses (telnet). But it can be changed by your system administrator.

Summary.: The registered users have the full access to the server computer under their normal UNIX accounts. They have as many rights as allowed for a normal (e.g. telnet) access. The authentication procedure is based on the http protocol.

Protection of the user data

It's simple. You protect your data by specifying the proper UNIX access rights to your home directory on the server computer. That's all. Most data files are created implicitly in your home directory, in the same way as done by WPI interface. On the top of it, The W2H guarantees that also data created "on the fly" and visible through WWW interface are accessible and visible only by you.

Summary.: If you would like to have more privacy, protect your home directory by specifying the limited UNIX access rights. The rest is guaranteed automatically by W2H interface. Note that you cannot change your UNIX access rights using W2H interface, you have to login there by other means (e.g. by telnet).

The more details on implementation (such as setting user ID, or controlling access to the user's HTML documents) can be found in the installation manual.

Some of these security restrictions are waived using the Intranet mode.

senger@ebi.ac.uk

Last modified: Thu Oct 16 17:11:32 1997