Re: [xwiki-users] How safe is xwiki?
Multiple answers:

Jerome Velociter wrote:
>> Is XWiki prone to the same kind of problem?
>
> I'm wondering what kind of answer you can expect here: We won't say XWiki is "perfectly secured", because there are no such things as perfectly secured systems in nature yet; on the other side, if we hypothetically had known unresolved security issues, we would not tell about them here either, because, well, they are unresolved security issues that could be exploited on running servers.

You have a point here :) but then I can be reasonably tranquil that security issues are taken care of...

Ronald Parris wrote:
> I run a web hosting service. 99% of the applications deployed are JAVA based. 1% of the applications are PHP based. HOWEVER 99% of all application related security issues we deal with are related to PHP.

Ok, that is reassuring information.

[Ricardo Rodriguez] Your EPEC Network ICT Team wrote:
> you are comparing two different things. PHP can not be one term of the comparison. You can compare PHP with Java; or XWiki with MediaWiki (the first running on a Java servlet container, the second running on PHP).

From Ronald's answer above, I can see that Java is reasonably safe as a platform. I was not comparing PHP and XWiki, just giving an example of a security issue...

From all your answers, I feel safe enough about using XWiki.

Thanks to all,
Alain

> Hope this helps,
> Jerome.
>
>> Thanks,
>> Alain
>>
>> Sergiu Dumitriu wrote:
>>> Hi Alain,
>>>
>>> There are 2 security areas when talking about XWiki: the security of the underlying system, and the security of the wiki itself.
>>>
>>> The first one depends a lot on the security of the container (Tomcat, for example), and I think that most containers are pretty safe to use, as a lot of websites are built on the Java technology. One important aspect is the security model of the JVM; you can leave the container without a security manager, which allows an application to do anything (well, anything the user owning the java process can do on the system), or enable the security manager which allows an application to do only what you tell it to. While enabling the security manager is the safest thing to do, we didn't quite experiment with this, so we can't provide a good policy file that will allow XWiki to run, you will have to write it yourself; there is a minimal file which allows XWiki to start under the security manager, but it isn't tested on more than viewing a page (see http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around with this policy file until you determine the minimum safe set of rules, then you won't have anything to worry about on the system security.
>>>
>>> The second part is a bit trickier, as it depends a lot on how you manage users and their rights. If you only grant view and edit rights to people you trust, then there shouldn't be any risks. If you open the wiki for public registration and public editing, then you will have the problem any wiki has: anyone can alter the data. This is where the administrator(s) are needed: managing users and their roles/rights. A pretty good thing is that XWiki has versioning, so you can always revert a document to a previous version, and a recycle bin, so you can recover deleted documents.
>>>
>>> Regarding rights, there is a major issue: XWiki has something called the Programming right, something that allows users to go beyond simple editing, as it allows a user to write scripts that can alter all the data in the wiki, or even scripts that can do anything a java program can do (even access the filesystem and send data over the network). This is where the security manager I talked about above is useful, as it restricts what such a script can do on the system. Now, this is something you should take extra care about: it is not a problem unless you make it one. Never let this right be used in the wiki, it is not intended to be granted to normal users but to your "super" administrators, who know how and when to use this access right. This means that you should only use the default Admin account to set up the wiki, then create a normal user for day-to-day editing.
>>>
>>> So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only a matter of proper configuration. It does not contain anything inherently unsafe, it is built on a safe platform, with the dangerous things (programming right) locked up by default.
>>>
>>> Alain M. wrote:
>>>> Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help
>>>> ---
>>>>
>>>> If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,
>>>>
>>>> Could it be
Re: [xwiki-users] How safe is xwiki?
Hello Alain,

> Hi Sergiu,
>
> ok, I can say then that:
> 1) Container security doesn't seem to be a major concern, or you would have been more preoccupied. I will seek a qualified professional and pass him your information.

If you are looking for a highly secured server, the container security SHOULD be for you a major concern, since this is where you can narrow down things the contained webapps (would it be XWiki, or any other webapp) can do, as Sergiu explained in his mail. Especially for XWiki, since some of your users may be allowed to execute (potentially harmful) groovy code. For tomcat for example, you can first read http://tomcat.apache.org/tomcat-5.5-doc/security-manager-howto.html

> 2) wiki secure by its users is up to me :) this is quite normal
>
> BUT the real question is: if xwiki by itself has security issues. Let me give an example: php has a weakness known as "sql injection".

SQL injection is a type of issue which relates to any application database layer, not just to php applications (it can also exist on Java applications that use the JDBC API, for example).

> Is XWiki prone to the same kind of problem?

I'm wondering what kind of answer you can expect here: We won't say XWiki is "perfectly secured", because there are no such things as perfectly secured systems in nature yet; on the other side, if we hypothetically had known unresolved security issues, we would not tell about them here either, because, well, they are unresolved security issues that could be exploited on running servers.

Hope this helps,
Jerome.

> Thanks,
> Alain
>
> Sergiu Dumitriu wrote:
>> Hi Alain,
>>
>> There are 2 security areas when talking about XWiki: the security of the underlying system, and the security of the wiki itself.
>>
>> The first one depends a lot on the security of the container (Tomcat, for example), and I think that most containers are pretty safe to use, as a lot of websites are built on the Java technology. One important aspect is the security model of the JVM; you can leave the container without a security manager, which allows an application to do anything (well, anything the user owning the java process can do on the system), or enable the security manager which allows an application to do only what you tell it to. While enabling the security manager is the safest thing to do, we didn't quite experiment with this, so we can't provide a good policy file that will allow XWiki to run, you will have to write it yourself; there is a minimal file which allows XWiki to start under the security manager, but it isn't tested on more than viewing a page (see http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around with this policy file until you determine the minimum safe set of rules, then you won't have anything to worry about on the system security.
>>
>> The second part is a bit trickier, as it depends a lot on how you manage users and their rights. If you only grant view and edit rights to people you trust, then there shouldn't be any risks. If you open the wiki for public registration and public editing, then you will have the problem any wiki has: anyone can alter the data. This is where the administrator(s) are needed: managing users and their roles/rights. A pretty good thing is that XWiki has versioning, so you can always revert a document to a previous version, and a recycle bin, so you can recover deleted documents.
>>
>> Regarding rights, there is a major issue: XWiki has something called the Programming right, something that allows users to go beyond simple editing, as it allows a user to write scripts that can alter all the data in the wiki, or even scripts that can do anything a java program can do (even access the filesystem and send data over the network). This is where the security manager I talked about above is useful, as it restricts what such a script can do on the system. Now, this is something you should take extra care about: it is not a problem unless you make it one. Never let this right be used in the wiki, it is not intended to be granted to normal users but to your "super" administrators, who know how and when to use this access right. This means that you should only use the default Admin account to set up the wiki, then create a normal user for day-to-day editing.
>>
>> So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only a matter of proper configuration. It does not contain anything inherently unsafe, it is built on a safe platform, with the dangerous things (programming right) locked up by default.
>>
>> Alain M. wrote:
>>> Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help
>>> ---
>>>
>>> If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,
Re: [xwiki-users] How safe is xwiki?
Alain M. wrote:
> Hi Sergiu,
>
> ok, I can say then that:
> 1) Container security doesn't seem to be a major concern, or you would have been more preoccupied. I will seek a qualified professional and pass him your information.
> 2) wiki secure by its users is up to me :) this is quite normal
>
> BUT the real question is: if xwiki by itself has security issues. Let me give an example: php has a weakness known as "sql injection".
>
> Is XWiki prone to the same kind of problem?
>

Alain,

I run a web hosting service. 99% of the applications deployed are JAVA based. 1% of the applications are PHP based. HOWEVER 99% of all application related security issues we deal with are related to PHP.

> Thanks,
> Alain
>
> Sergiu Dumitriu wrote:
>
>> Hi Alain,
>>
>> There are 2 security areas when talking about XWiki: the security of the underlying system, and the security of the wiki itself.
>>
>> The first one depends a lot on the security of the container (Tomcat, for example), and I think that most containers are pretty safe to use, as a lot of websites are built on the Java technology. One important aspect is the security model of the JVM; you can leave the container without a security manager, which allows an application to do anything (well, anything the user owning the java process can do on the system), or enable the security manager which allows an application to do only what you tell it to. While enabling the security manager is the safest thing to do, we didn't quite experiment with this, so we can't provide a good policy file that will allow XWiki to run, you will have to write it yourself; there is a minimal file which allows XWiki to start under the security manager, but it isn't tested on more than viewing a page (see http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around with this policy file until you determine the minimum safe set of rules, then you won't have anything to worry about on the system security.
>>
>> The second part is a bit trickier, as it depends a lot on how you manage users and their rights. If you only grant view and edit rights to people you trust, then there shouldn't be any risks. If you open the wiki for public registration and public editing, then you will have the problem any wiki has: anyone can alter the data. This is where the administrator(s) are needed: managing users and their roles/rights. A pretty good thing is that XWiki has versioning, so you can always revert a document to a previous version, and a recycle bin, so you can recover deleted documents.
>>
>> Regarding rights, there is a major issue: XWiki has something called the Programming right, something that allows users to go beyond simple editing, as it allows a user to write scripts that can alter all the data in the wiki, or even scripts that can do anything a java program can do (even access the filesystem and send data over the network). This is where the security manager I talked about above is useful, as it restricts what such a script can do on the system. Now, this is something you should take extra care about: it is not a problem unless you make it one. Never let this right be used in the wiki, it is not intended to be granted to normal users but to your "super" administrators, who know how and when to use this access right. This means that you should only use the default Admin account to set up the wiki, then create a normal user for day-to-day editing.
>>
>> So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only a matter of proper configuration. It does not contain anything inherently unsafe, it is built on a safe platform, with the dangerous things (programming right) locked up by default.
>>
>> Alain M. wrote:
>>
>>> Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help
>>> ---
>>>
>>> If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,
>>>
>>> Could it be attacked by a hacker to gain access to the server?
>>>
>>> Do I need some extra protection? Is there a security tutorial?
>>>
>>>
>

___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] How safe is xwiki?
Hi Alain,

Alain M. wrote:
> Hi Sergiu,
>
> ok, I can say then that:
> 1) Container security doesn't seem to be a major concern, or you would have been more preoccupied. I will seek a qualified professional and pass him your information.
> 2) wiki secure by its users is up to me :) this is quite normal
>
> BUT the real question is: if xwiki by itself has security issues. Let me give an example: php has a weakness known as "sql injection".
>

Just a brief comment as my skills aren't enough to keep this discussion: you are comparing two different things. PHP can not be one term of the comparison. You can compare PHP with Java; or XWiki with MediaWiki (the first running on a Java servlet container, the second running on PHP).

We come from MediaWiki. We were pretty happy there, but we were missing a number of things. Granularity in access control was the main one. XWiki is walking fast toward a powerful rights managing system.

Hope this helps,
Ricardo

> Is XWiki prone to the same kind of problem?
>
> Thanks,
> Alain

--
Ricardo Rodríguez
Your EPEC Network ICT Team
Re: [xwiki-users] How safe is xwiki?
Thanks for this explanation, Sergiu. Could this be the seed for a Security entry in the General Links right side menu in XWiki.org? It will be at least in EPEC Network! :-)

Cheers,
Ricardo

Sergiu Dumitriu wrote:
> Hi Alain,
>
> There are 2 security areas when talking about XWiki: the security of the underlying system, and the security of the wiki itself.
>
> The first one depends a lot on the security of the container (Tomcat, for example), and I think that most containers are pretty safe to use, as a lot of websites are built on the Java technology. One important aspect is the security model of the JVM; you can leave the container without a security manager, which allows an application to do anything (well, anything the user owning the java process can do on the system), or enable the security manager which allows an application to do only what you tell it to. While enabling the security manager is the safest thing to do, we didn't quite experiment with this, so we can't provide a good policy file that will allow XWiki to run, you will have to write it yourself; there is a minimal file which allows XWiki to start under the security manager, but it isn't tested on more than viewing a page (see http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around with this policy file until you determine the minimum safe set of rules, then you won't have anything to worry about on the system security.
>
> The second part is a bit trickier, as it depends a lot on how you manage users and their rights. If you only grant view and edit rights to people you trust, then there shouldn't be any risks. If you open the wiki for public registration and public editing, then you will have the problem any wiki has: anyone can alter the data. This is where the administrator(s) are needed: managing users and their roles/rights. A pretty good thing is that XWiki has versioning, so you can always revert a document to a previous version, and a recycle bin, so you can recover deleted documents.
>
> Regarding rights, there is a major issue: XWiki has something called the Programming right, something that allows users to go beyond simple editing, as it allows a user to write scripts that can alter all the data in the wiki, or even scripts that can do anything a java program can do (even access the filesystem and send data over the network). This is where the security manager I talked about above is useful, as it restricts what such a script can do on the system. Now, this is something you should take extra care about: it is not a problem unless you make it one. Never let this right be used in the wiki, it is not intended to be granted to normal users but to your "super" administrators, who know how and when to use this access right. This means that you should only use the default Admin account to set up the wiki, then create a normal user for day-to-day editing.
>
> So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only a matter of proper configuration. It does not contain anything inherently unsafe, it is built on a safe platform, with the dangerous things (programming right) locked up by default.
>
> Alain M. wrote:
>
>> Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help
>> ---
>>
>> If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,
>>
>> Could it be attacked by a hacker to gain access to the server?
>>
>> Do I need some extra protection? Is there a security tutorial?
>>
>>
>
>

--
Ricardo Rodríguez
Your EPEC Network ICT Team
Re: [xwiki-users] How safe is xwiki?
Hi Sergiu,

ok, I can say then that:
1) Container security doesn't seem to be a major concern, or you would have been more preoccupied. I will seek a qualified professional and pass him your information.
2) wiki secure by its users is up to me :) this is quite normal

BUT the real question is: if xwiki by itself has security issues. Let me give an example: php has a weakness known as "sql injection".

Is XWiki prone to the same kind of problem?

Thanks,
Alain

Sergiu Dumitriu wrote:
> Hi Alain,
>
> There are 2 security areas when talking about XWiki: the security of the underlying system, and the security of the wiki itself.
>
> The first one depends a lot on the security of the container (Tomcat, for example), and I think that most containers are pretty safe to use, as a lot of websites are built on the Java technology. One important aspect is the security model of the JVM; you can leave the container without a security manager, which allows an application to do anything (well, anything the user owning the java process can do on the system), or enable the security manager which allows an application to do only what you tell it to. While enabling the security manager is the safest thing to do, we didn't quite experiment with this, so we can't provide a good policy file that will allow XWiki to run, you will have to write it yourself; there is a minimal file which allows XWiki to start under the security manager, but it isn't tested on more than viewing a page (see http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around with this policy file until you determine the minimum safe set of rules, then you won't have anything to worry about on the system security.
>
> The second part is a bit trickier, as it depends a lot on how you manage users and their rights. If you only grant view and edit rights to people you trust, then there shouldn't be any risks. If you open the wiki for public registration and public editing, then you will have the problem any wiki has: anyone can alter the data. This is where the administrator(s) are needed: managing users and their roles/rights. A pretty good thing is that XWiki has versioning, so you can always revert a document to a previous version, and a recycle bin, so you can recover deleted documents.
>
> Regarding rights, there is a major issue: XWiki has something called the Programming right, something that allows users to go beyond simple editing, as it allows a user to write scripts that can alter all the data in the wiki, or even scripts that can do anything a java program can do (even access the filesystem and send data over the network). This is where the security manager I talked about above is useful, as it restricts what such a script can do on the system. Now, this is something you should take extra care about: it is not a problem unless you make it one. Never let this right be used in the wiki, it is not intended to be granted to normal users but to your "super" administrators, who know how and when to use this access right. This means that you should only use the default Admin account to set up the wiki, then create a normal user for day-to-day editing.
>
> So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only a matter of proper configuration. It does not contain anything inherently unsafe, it is built on a safe platform, with the dangerous things (programming right) locked up by default.
>
> Alain M. wrote:
>> Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help
>> ---
>>
>> If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,
>>
>> Could it be attacked by a hacker to gain access to the server?
>>
>> Do I need some extra protection? Is there a security tutorial?
>>
>
Re: [xwiki-users] How safe is xwiki?
Hi Alain,

There are 2 security areas when talking about XWiki: the security of the underlying system, and the security of the wiki itself.

The first one depends a lot on the security of the container (Tomcat, for example), and I think that most containers are pretty safe to use, as a lot of websites are built on the Java technology. One important aspect is the security model of the JVM; you can leave the container without a security manager, which allows an application to do anything (well, anything the user owning the java process can do on the system), or enable the security manager which allows an application to do only what you tell it to. While enabling the security manager is the safest thing to do, we didn't quite experiment with this, so we can't provide a good policy file that will allow XWiki to run, you will have to write it yourself; there is a minimal file which allows XWiki to start under the security manager, but it isn't tested on more than viewing a page (see http://jira.xwiki.org/jira/browse/XWIKI-348). If you want to play around with this policy file until you determine the minimum safe set of rules, then you won't have anything to worry about on the system security.

The second part is a bit trickier, as it depends a lot on how you manage users and their rights. If you only grant view and edit rights to people you trust, then there shouldn't be any risks. If you open the wiki for public registration and public editing, then you will have the problem any wiki has: anyone can alter the data. This is where the administrator(s) are needed: managing users and their roles/rights. A pretty good thing is that XWiki has versioning, so you can always revert a document to a previous version, and a recycle bin, so you can recover deleted documents.

Regarding rights, there is a major issue: XWiki has something called the Programming right, something that allows users to go beyond simple editing, as it allows a user to write scripts that can alter all the data in the wiki, or even scripts that can do anything a java program can do (even access the filesystem and send data over the network). This is where the security manager I talked about above is useful, as it restricts what such a script can do on the system. Now, this is something you should take extra care about: it is not a problem unless you make it one. Never let this right be used in the wiki, it is not intended to be granted to normal users but to your "super" administrators, who know how and when to use this access right. This means that you should only use the default Admin account to set up the wiki, then create a normal user for day-to-day editing.

So, as a conclusion, XWiki CAN be safe, and it CAN be unsafe, it is only a matter of proper configuration. It does not contain anything inherently unsafe, it is built on a safe platform, with the dangerous things (programming right) locked up by default.

Alain M. wrote:
> Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help
> ---
>
> If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,
>
> Could it be attacked by a hacker to gain access to the server?
>
> Do I need some extra protection? Is there a security tutorial?
>

--
Sergiu Dumitriu
http://purl.org/net/sergiu/
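An added demonstration (not code from this thread, from XWiki or from Tomcat) of the point Sergiu makes above and Jerome repeats with the Tomcat security-manager howto: a script that reads files and opens network connections is only stopped once a security manager with a restrictive policy is installed in the JVM. It assumes a placeholder file path and host, and a JDK that still ships the security manager.

```java
import java.io.FileReader;
import java.io.IOException;
import java.net.Socket;
import java.security.AccessControlException;
import java.security.Permission;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;

/*
 * The "script" below stands in for code a user holding the Programming right
 * could run inside the wiki: it tries to read a file and open a socket. The
 * same two calls run twice: first with no security manager installed (both
 * succeed, limited only by the OS user running the JVM), then under a
 * deliberately minimal Policy, where both are refused before they happen.
 *
 * Runs as-is on Java 8 to 17; Java 18 to 23 needs -Djava.security.manager=allow;
 * the security manager was removed in Java 24.
 */
public class SecurityManagerDemo {

    static final String SOME_FILE = "/etc/hostname"; // placeholder path, not from the thread
    static final String SOME_HOST = "example.com";   // placeholder host, not from the thread

    /** Stand-in for a user-supplied wiki script; reports what it managed to do. */
    static String untrustedScript() {
        StringBuilder report = new StringBuilder();
        try (FileReader r = new FileReader(SOME_FILE)) {
            report.append("file read: ALLOWED; ");
        } catch (AccessControlException e) {
            // Raised by the security manager before the file is opened.
            report.append("file read: denied, missing ").append(e.getPermission()).append("; ");
        } catch (IOException e) {
            report.append("file read: allowed but failed (").append(e.getMessage()).append("); ");
        }
        try (Socket s = new Socket(SOME_HOST, 80)) {
            report.append("socket: ALLOWED");
        } catch (AccessControlException e) {
            // Raised on the name resolution / connect check, before any packet is sent.
            report.append("socket: denied, missing ").append(e.getPermission());
        } catch (IOException e) {
            report.append("socket: allowed but failed (").append(e.getMessage()).append(")");
        }
        return report.toString();
    }

    /**
     * A whitelist policy: grant only read access to system properties, which the
     * JDK itself needs, and refuse every other permission for every code source.
     * Tomcat expresses the same idea as "grant codeBase ..." blocks in
     * conf/catalina.policy, scoped per webapp, which is what the howto Jerome
     * links to and the XWIKI-348 minimal file are about.
     */
    static final class MinimalPolicy extends Policy {
        @Override
        public boolean implies(ProtectionDomain domain, Permission permission) {
            return permission instanceof PropertyPermission
                && "read".equals(permission.getActions());
        }
    }

    public static void main(String[] args) {
        System.out.println("no security manager : " + untrustedScript());

        // Install the policy first, then the manager; from here on every
        // privileged operation on the call stack is checked against the policy.
        Policy.setPolicy(new MinimalPolicy());
        System.setSecurityManager(new SecurityManager());

        System.out.println("minimal policy      : " + untrustedScript());
    }
}
```

The second line of output shows FilePermission and SocketPermission being refused, which is exactly the property a policy file for the container is meant to give you for scripts run with the Programming right.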
[xwiki-users] How safe is xwiki?
Please, can anyone help me on this matter?? I have waited some time but didn't get an answer. This is important, any information will help
---

If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,

Could it be attacked by a hacker to gain access to the server?

Do I need some extra protection? Is there a security tutorial?

thanks
Alain
[xwiki-users] How safe is xwiki?
If I install xwiki in a VPS, and leave it running, with a firewall that leaves open only the port that xwiki is using,

Could it be attacked by a hacker to gain access to the server?

Do I need some extra protection? Is there a security tutorial?

thanks
Alain