Our WWW server is just a gateway for the application - there is no sensitive data on it. Marc Briceno wrote: > If the attackerss have root on your authentication system, they won't > need any certificates. > On Wed, 6 May 1998, Austin L. Gosling wrote: > > > We have a system which relies on Apache+SSLeay for user authentication. > > The whole thing sits behind a firewall, and only essential services are > > up, but we have to consider the impact of someone successfully getting > > in to the server. > > > > The possible security hazard I have in mind is, what if someone does > > manage to get into the server? They could conceivably add a CA public > > certificate of their own choosing to the CACertificateFile used by > > Apache+SSLeay, and then gain access to our system by writing their own > > certificate, which would be validated by the server based on the > > CACertificateFile contents. > > > > Naturally, this file is read-only, etc., but root is root! > > > > The only idea I've come up with so far is to put the CACertificateFile > > on some media which is _physically_ read-only (a floppy with the > > read-only tab set comes to mind). Is there a better solution? > > > > Austin Gosling > >
begin: vcard fn: Austin Gosling n: Gosling;Austin org: ioNET S.A. adr: Armando Pesantes OE9-743;;;Quito;Pichincha;;Ecuador email;internet: [EMAIL PROTECTED] title: General Manager tel;work: +593 2 43 54 12 tel;fax: +593 2 43 54 12 note: PGP public key http://www.ionet.com.ec/pubkeys/alg.txt x-mozilla-cpt: ;0 x-mozilla-html: FALSE version: 2.1 end: vcard
