W2H: Notes on Security
Applications developed for use through the WWW interface should always be examined carefully
for possible security holes. WWW tools, especially CGI scripts, are very powerful and, used in
the wrong way, can make your system vulnerable to intentional or unintentional attacks.
The W2H design must pay even more attention to security issues because it gives complete
access to the server computer, though of course only to registered users.
The following security aspects are the most important:
- How to protect the server machine against unauthorized users.
- How to protect user data against unauthorized access by other users.
- How to protect the W2H tools from being misused by accessing them in the normal UNIX way,
not via the HTTP server.
Only for registered users
Authentication is done by the standard means of HTTP communication. The first time in the
current session that a user wants to access a W2H tool, a two-line form appears on the screen
asking for a user name and password. In some cases this authentication procedure can be displayed
more than once, but always only at the beginning.
Once it is answered properly, the current WWW browser
(Netscape Navigator) becomes an open gate to the user account on the server side. It is very
much like having a telnet session open. Now it is up to you to protect your screen against
misuse by somebody else. Be aware that the authentication remains in effect until you exit
your browser.
The authentication does not end by exiting the GCG session!
Note that you must have a UNIX account on the server machine to be able to use W2H.
The user name and password used in the authentication procedure are normally identical to
the login name and password used for other UNIX access (telnet), but this can be changed by your
system administrator.
- Summary.
- Registered users have full access to the server computer under their normal UNIX accounts.
They have as many rights as are allowed for normal (e.g. telnet) access.
The authentication procedure is based on the HTTP protocol.
Protection of the user data
It's simple. You protect your data by setting the proper UNIX access rights on your
home directory on the server computer. That's all. Most data files are created implicitly in your
home directory, in the same way as done by the WPI interface. On top of that, W2H guarantees
that data created "on the fly" and visible through the WWW interface are also accessible and
visible only to you.
- Summary.
- If you would like more privacy, protect your home directory by setting
limited UNIX access rights. The rest is guaranteed automatically by the W2H interface.
Note that you cannot change your UNIX access rights using the W2H interface;
you have to log in by other means (e.g. by telnet).
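One way to check and tighten those access rights from a normal login shell (for example over telnet), given here as an added example that is not part of W2H or its manuals. The function names are hypothetical, and the script assumes a POSIX shell with find, chmod, wc and tr.

```shell
#!/bin/sh
# Added example, not part of W2H. Function names are hypothetical.
# Assumes a POSIX shell with find, chmod, wc and tr.

# List every entry under directory $1 (the directory itself included) that
# grants any read, write or execute bit to group or others.
# Symbolic links are skipped because their own mode bits are not used.
audit_home() {
    find "$1" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Number of exposed entries under $1.
count_exposed() {
    audit_home "$1" | wc -l | tr -d ' '
}

# Remove group/other access from the directory $1 only. Other users can then
# no longer enter it, so files below it cannot be reached by path.
lock_home() {
    chmod go-rwx "$1"
}

# Remove group/other access from $1 and everything below it, so the data
# stays private even if the top-level mode is loosened again later.
lock_tree() {
    find "$1" ! -type l -exec chmod go-rwx {} +
}

# Usage: sh audit_home.sh DIR [--fix]
if [ $# -gt 0 ]; then
    if [ "${2:-}" = "--fix" ]; then lock_tree "$1"; fi
    echo "entries still open to group/others: $(count_exposed "$1")"
    audit_home "$1"
fi
```

Run it first without `--fix` to see what is exposed, since other tools you use may rely on group access to some of the listed files.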
More details on the implementation (such as setting the user ID, or controlling access to the
user's HTML documents) can be found in the
installation manual.
Some of these security restrictions are waived when using the Intranet mode.