On 29/06/2013 20:57, Anthony Papillion wrote:
> On 06/29/2013 08:14 AM, Nick wrote:
>> Quoth Fabio Pietrosanti (naif):
>>> It would be a nice transparency measure to run a small web server
>>> that provides direct access to the full server filesystem, allowing
>>> to browse everything and download any files, with few exceptions
>>> such as SSH or SSL private keys.
>>> That way anyone would be able to fully inspect the server, even
>>> without logging-in, by assessing configurations and checking out
>>> that logs are not kept.
>> It would be nice, but you're still entirely trusting the server
>> admin to be providing an honest view of the system.
> Both of you bring up good points and it's something I personally worry
> about when using a service: even though a server admin "says" they
> aren't logging, how do we really know *they* aren't logging? In some cases,
> we can go by reputation in the community. For example, if Jacob
> Appelbaum from the Tor Project started a service, we could all be
> "fairly sure" that he's not going to do something sneaky. But someone
> like me, who's brand new in the community with zero reputation, that's a
> different story.
> Thank you both for the feedback. I'm going to look at what you both said
> and see what I can do.
> Thanks!
> anthony

some info might also be useful for hacking you, e.g. if you expose your
php version, kernel version, etc. if you give the world read access to
everything; u'd better make sure you patch your system as promptly as
possible. if you're hacked once; nobody will ever trust ur system
anymore; especially if u have not patched against known vulnerabilities.
There are things like trusted boot u could use to have better certitude
there is no rootkit on ur system. but u need to reboot the machine once
in a while so it's not optimum. Maybe u can have several VMs and
re-route traffic to another VM when u reboot one server.
There is some work on type-safe web servers and disposable VMs like
http://www.xenproject.org/developers/teams/mirage-os.html,
http://erlangonxen.org/,
https://github.com/GaloisInc/HaLVM that theoretically make it virtually
impossible for u to get hacked into (not by the hosting company though).
However I'm not sure how easy it is to add ur own tweaks to it.
also, i think they still rely on some c/c++ code for ssl and this is
not perfect either.
Maybe u're simply better off using a good sandboxing mechanism for ur
web server.
Just thoughts...