Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
I
intranet-core
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
project-open
intranet-core
Commits
b4045e90
Commit
b4045e90
authored
Sep 01, 2004
by
Frank Bergmann
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
- added Quest security documents
parent
e3cd521b
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
265 additions
and
0 deletions
+265
-0
security_check.perl
www/doc/security/security_check.perl
+135
-0
security_guide.txt
www/doc/security/security_guide.txt
+130
-0
No files found.
www/doc/security/security_check.perl
0 → 100755
View file @
b4045e90
#!/usr/bin/perl
# --------------------------------------------------------------
# security_check.perl
#
# Automatic Security Check for TCL files
# 2004-08-06 Frank Bergmann
# Based on material from P/O
# --------------------------------------------------------------
use
strict
;
# Constants, variables and parameters
#
my
$debug
=
0
;
my
$folder_root
=
"N:/aimdev/packages/"
;
# Write a .CSV Header line so that the output can
# be opened by Excel directly.
print
"filename,status,require_login,ad_maybe_redirect_for_registration,ad_verify_and_get_user_id,unsave_dollar,comment\n"
;
# Main loop: use "find" to get the list of all TCL
# files in $folder_root.
#
my
$last_package_key
=
""
;
open
(
FILES
,
"find $folder_root -type f |"
);
while
(
my
$file
=<
FILES
>
)
{
# Remove trailing "\n"
chomp
(
$file
);
# Print a header line for every package
&
print_header
(
$file
);
# Extract the file extension
$file
=~
/\.([^\.]*)$/
;
my
$file_ext
=
$1
;
# Treat the files according to their extension
if
(
$file_ext
=~
/tcl/
)
{
&
analyze_tcl
(
$file
);
}
# if ($file_ext =~ /adp/) { &analyze_adp($file); }
if
(
$file_ext
=~
/xql/
)
{
&
analyze_xql
(
$file
);
}
}
close
(
FILES
);
# Print a new line in the CSV file for every
# package that we find...
# file may look like: "N:\aimdev\packages\nesta-static\..."
#
sub
print_header
{
(
my
$file
)
=
@_
;
print
"print_header: file='$file'\n"
if
(
$debug
);
if
(
$file
=~
/packages\/([^\/]*)\//
)
{
my
$package_key
=
$1
;
if
(
$last_package_key
ne
$package_key
)
{
print
"$package_key\n"
;
$last_package_key
=
$package_key
;
}
}
}
# Analyze a single TCL file:
# We're currently checking for the the presence of
# autentication only ([auth::require_login] or similar).
#
sub
analyze_tcl
{
(
my
$file
)
=
@_
;
print
"analyze_tcl: file='$file'\n"
if
(
$debug
);
my
$require_login
=
0
;
my
$ad_maybe_redirect_for_registration
=
0
;
my
$ad_verify_and_get_user_id
=
0
;
my
$unsave_dollar
=
0
;
my
$comment
=
""
;
open
(
F
,
$file
);
while
(
my
$line
=
<
F
>
)
{
$require_login
++
if
(
$line
=~
/require_login/
);
$ad_maybe_redirect_for_registration
++
if
(
$line
=~
/ad_maybe_redirect_for_registration/
);
$ad_verify_and_get_user_id
++
if
(
$line
=~
/ad_verify_and_get_user_id/
);
}
close
(
F
);
# Calculate the status - green, yellow or red
my
$sum
=
$require_login
+
$ad_maybe_redirect_for_registration
+
$ad_verify_and_get_user_id
;
my
$status
=
"undefined"
;
if
(
$sum
==
0
)
{
$status
=
"red"
;
$comment
=
"Didn't find any authentication in file"
;
}
if
(
$sum
>
0
)
{
$status
=
"yellow"
;
$comment
=
"Authentication found, but deprecated"
;
}
$status
=
"green"
if
(
$require_login
>
0
);
print
"$file,$status,$require_login,$ad_maybe_redirect_for_registration,$ad_verify_and_get_user_id,$unsave_dollar,\"$comment\"\n"
;
}
# Analyze a single XQL file:
# We just check that it doesn't contain "$"-variables.
#
#
sub
analyze_xql
{
(
my
$file
)
=
@_
;
print
"analyze_xql: file='$file'\n"
if
(
$debug
);
my
$dollar_count
=
0
;
my
$status
=
"undefined"
;
my
$comment
=
""
;
open
(
F
,
$file
);
while
(
my
$line
=
<
F
>
)
{
if
(
$line
=~
/\$(\w*)/
)
{
$dollar_count
++
;
$comment
=
$comment
.
" \$$1"
;
}
}
close
(
F
);
# Calculate the status - green, yellow or red
$status
=
"green"
;
if
(
$dollar_count
>
0
)
{
$status
=
"yellow"
;
$comment
=
$comment
.
" - Found a \$ character in XQL file"
;
}
print
"$file,$status,0,0,0,$dollar_count,\"$comment\"\n"
;
}
www/doc/security/security_guide.txt
0 → 100755
View file @
b4045e90
Nesta Security Proposal
(based on material from P/O)
1. Role-Based Permissions
1.1 Defining Role-Based Permissions
- Package security matrix:
An Excel sheet specifying required roles to access all
packages.
- Page security matrix:
An Excel sheet or similar specifiying required roles on
a per-page in the system who should be able to see it
or not
- Object security matrix (?)
1.2 Enforcing Role-Based Permissions:
- On the module level:
Impose a restriction on all files of a specific module
- On the page level:
Every page that is not part of a restricted modules should
contain a call to:
set user_id [auth::require_login]
in order to make sure that the user is logged on and to
avoid errors if the user login has expired.
After getting the autenticated user_id, the code can
manually check that a user belongs to a workflow role etc.
Please note that the ad_maybe_redirect_for_registration
and ad_verify_and_get_user_id routines are deprecated now.
- On the object level:
I think this is not being required by Quests workflow
systems.
- On the object attribute level:
Certain object attributes may be restricted to roles.
1.3 Auditing Role-Based Permissions
- Manual security testing:
Work together with the testing department to veryify
compliance with the security matrices
- White-box testing:
Check with an automatic analysis script that there
are [auth::require_login] entries in every file.
- Automatic testing:
Use TclWebTest to test the
- External Audit:
Let an external person try to break into the system
2. Application Security
2.1 Application Security Risks
- SQL statements with "$"-variables from a URL or HTTP
parameter may allow intruder to execute SQL statements.
- File I/O operations may allow access to OS-files
- "Exec" may allow intruders to execute Unix/Windows command
line commands.
- ... (ToDo: get an exhaustive list of all risky commands)
- The usual buffer overflows are not considered a risk
because we asume that the TCL interpreter and the standard
TCL commands are safe.
2.2 Application Security Measures
- Don't publish the proprietary TCL code to avoid that hackers
can analyze the code for vulnerabilities
- Enforce autentication on all pages to avoid execution of
risky commands by non-authenticated users.
- ...
2.3 Application Security Audit
- Scan all files for risky commands using a global search or
and automatic script
- Scan all files for "$"-variables in SQL code
3. System Security
- Run evey AOLServer instance with it's own unprivileged user
in order to separate it from possible other instances on the
same computer.
- Check the AOLServer security manual [1]
- Apply patches to the operating system regularly.
- Move/copy access-log files to a save place that can't be
modified from the AOLServer user in oder to be able to
track down incidents
4. References:
[1] AOLServer Security Guide
http://www.aolserver.com/docs/admin/security.html
[2] OSSTMM Security Testing Methodology
http://www.osstmm.org/
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment