Worth noting is that all sensitive information will be written in tucows-client.xml file, which you can specify during the setup process to be in any directory you want. Typically, you'd put this file outside of the web server visible directories.
Regards, ------------------------------------ Zeljko Dimic Technical Product Manager [EMAIL PROTECTED] Tucows Inc. 96 Mowat Avenue Toronto, ON, M6K 3M1 Canada tel: 416.535.0123 x 1256 fax: 416.531.5584 ------------------------------------ > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Christopher > X. Candreva > Sent: Friday, August 12, 2005 3:59 PM > To: [email protected] > Subject: [domains-gen] Securing CCS in a shared server environment > > > > For our own purposes, I'm planning on deploying CCS on an > internal server of > our own, so myself I'm not overly worried. However, since requests for > shared hosts for CCS have gone out, I thought I would bring this > up. Maybe > I'll learn something. :-) > > I see a hole in shared environments, where the shared key for > accessing the > OpenSRS server might be accessible by any other web site on the > server. (I'm > talking about a virtual host situation, with separate "virtual root" > servers). > > For shared environments, we generally do development in perl, so > I'm not as > familiar with PHP. For perl (or any CGI), when actual security is > needed we > run the script suid a dedicated user, that has access to the programs and > any data the program needs. This keeps sensitive data (ie, MySQL > passwords, > or the OpenSRS shared key in this case) from needed to be world write, so > only the CGI for that site can read them. > > As I understand PHP, it runs as the web server user (nobody). > Anything the > PHP scripts need to read has to be world readable, which for CCS > is going to > include the generated reseller key. Now, PHP can be locked to specific > directories, but if you are on a shared server that gives CGI access, any > other CGI program will probably run as the web server process, > and can read > your shared key. > > If the site uses suexec for everyone's CGI, and you make the file > with the > key readable by the web server user but NOT world read, then it should be > safe. But, if any other site can run their own CGI as the web > server user, > your key is vulnerable. > > Which is a long-winded way of saying -- I would think CCS should > not really > be run on a shared server for production use. > > As I said, I'm more a perl person than a PHP person, so please > excuse me if > either this is, or I've missed something, glaringly obvious. > > > ========================================================== > Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816 > WestNet Internet Services of Westchester > http://www.westnet.com/ > _______________________________________________ > domains-gen mailing list > [email protected] > http://discuss.tucows.com/mailman/listinfo/domains-gen > _______________________________________________ domains-gen mailing list [email protected] http://discuss.tucows.com/mailman/listinfo/domains-gen
