path: root/docs/html/security.html
author: gerv%gerv.net <> 2004-01-25 03:30:57 +0100
committer: gerv%gerv.net <> 2004-01-25 03:30:57 +0100
commit: 6c709dd097e65025038a0dc9c17fad6a88e99b6b (patch)
tree: c0c33411898e67410829ea142458440fe912b388 /docs/html/security.html
parent: c7f3e4a3a055bbbec29a8731f388f9fa4648c768 (diff)
download: bugzilla-6c709dd097e65025038a0dc9c17fad6a88e99b6b.tar.gz, bugzilla-6c709dd097e65025038a0dc9c17fad6a88e99b6b.tar.xz
Massive rearrangement of the installation section. Hopefully it makes sense now.
Diffstat (limited to 'docs/html/security.html')
-rw-r--r-- docs/html/security.html 686
1 files changed, 0 insertions, 686 deletions
diff --git a/docs/html/security.html b/docs/html/security.html
deleted file mode 100644
index 4bf56506e..000000000
--- a/docs/html/security.html
+++ /dev/null
@@ -1,686 +0,0 @@
-<HTML
-><HEAD
-><TITLE
->Bugzilla Security</TITLE
-><META
-NAME="GENERATOR"
-CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
-"><LINK
-REL="HOME"
-TITLE="The Bugzilla Guide - 2.17.5
- Development Release"
-HREF="index.html"><LINK
-REL="UP"
-TITLE="Installation"
-HREF="installation.html"><LINK
-REL="PREVIOUS"
-TITLE="OS Specific Installation Notes"
-HREF="os-specific.html"><LINK
-REL="NEXT"
-TITLE="Troubleshooting"
-HREF="troubleshooting.html"></HEAD
-><BODY
-CLASS="section"
-BGCOLOR="#FFFFFF"
-TEXT="#000000"
-LINK="#0000FF"
-VLINK="#840084"
-ALINK="#0000FF"
-><DIV
-CLASS="NAVHEADER"
-><TABLE
-SUMMARY="Header navigation table"
-WIDTH="100%"
-BORDER="0"
-CELLPADDING="0"
-CELLSPACING="0"
-><TR
-><TH
-COLSPAN="3"
-ALIGN="center"
->The Bugzilla Guide - 2.17.5
- Development Release</TH
-></TR
-><TR
-><TD
-WIDTH="10%"
-ALIGN="left"
-VALIGN="bottom"
-><A
-HREF="os-specific.html"
-ACCESSKEY="P"
->Prev</A
-></TD
-><TD
-WIDTH="80%"
-ALIGN="center"
-VALIGN="bottom"
->Chapter 4. Installation</TD
-><TD
-WIDTH="10%"
-ALIGN="right"
-VALIGN="bottom"
-><A
-HREF="troubleshooting.html"
-ACCESSKEY="N"
->Next</A
-></TD
-></TR
-></TABLE
-><HR
-ALIGN="LEFT"
-WIDTH="100%"></DIV
-><DIV
-CLASS="section"
-><H1
-CLASS="section"
-><A
-NAME="security"
-></A
->4.5. Bugzilla Security</H1
-><DIV
-CLASS="warning"
-><P
-></P
-><TABLE
-CLASS="warning"
-WIDTH="100%"
-BORDER="0"
-><TR
-><TD
-WIDTH="25"
-ALIGN="CENTER"
-VALIGN="TOP"
-><IMG
-SRC="../images/warning.gif"
-HSPACE="5"
-ALT="Warning"></TD
-><TD
-ALIGN="LEFT"
-VALIGN="TOP"
-><P
->Poorly-configured MySQL and Bugzilla installations have
- given attackers full access to systems in the past. Please take these
- guidelines seriously, even for Bugzilla machines hidden away behind
- your firewall. 80% of all computer trespassers are insiders, not
- anonymous crackers.</P
-><P
->This is not meant to be a comprehensive list of every possible
- security issue pertaining to the software mentioned in this section.
- There is
- no subsitute for reading the information written by the authors of any
- software running on your system.
- </P
-></TD
-></TR
-></TABLE
-></DIV
-><DIV
-CLASS="section"
-><H2
-CLASS="section"
-><A
-NAME="security-networking"
-></A
->4.5.1. TCP/IP Ports</H2
-><P
->TCP/IP defines 65,000 some ports for trafic. Of those, Bugzilla
- only needs 1, or 2 if you need to use features that require e-mail such
- as bug moving or the e-mail interface from contrib. You should audit
- your server and make sure that you aren't listening on any ports you
- don't need to be. You may also wish to use some kind of firewall
- software to be sure that trafic can only be recieved on ports you
- specify.
- </P
-></DIV
-><DIV
-CLASS="section"
-><H2
-CLASS="section"
-><A
-NAME="security-mysql"
-></A
->4.5.2. MySQL</H2
-><P
->MySQL ships by default with many settings that should be changed.
- By defaults it allows anybody to connect from localhost without a
- password and have full administrative capabilities. It also defaults to
- not have a root password (this is <EM
->not</EM
-> the same as
- the system root). Also, many installations default to running
- <SPAN
-CLASS="application"
->mysqld</SPAN
-> as the system root.
- </P
-><P
-></P
-><OL
-TYPE="1"
-><LI
-><P
->Consult the documentation that came with your system for
- information on making <SPAN
-CLASS="application"
->mysqld</SPAN
-> run as an
- unprivleged user.
- </P
-></LI
-><LI
-><P
->You should also be sure to disable the anonymous user account
- and set a password for the root user. This is accomplished using the
- following commands:
- </P
-><TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><FONT
-COLOR="#000000"
-><PRE
-CLASS="programlisting"
->&#13;<TT
-CLASS="prompt"
->bash$</TT
-> mysql mysql
-<TT
-CLASS="prompt"
->mysql&#62;</TT
-> DELETE FROM user WHERE user = '';
-<TT
-CLASS="prompt"
->mysql&#62;</TT
-> UPDATE user SET password = password('<TT
-CLASS="replaceable"
-><I
->new_password</I
-></TT
->') WHERE user = 'root';
-<TT
-CLASS="prompt"
->mysql&#62;</TT
-> FLUSH PRIVILEGES;
- </PRE
-></FONT
-></TD
-></TR
-></TABLE
-><P
->From this point forward you will need to use
- <B
-CLASS="command"
->mysql -u root -p</B
-> and enter
- <TT
-CLASS="replaceable"
-><I
->new_password</I
-></TT
-> when prompted when using the
- mysql client.
- </P
-></LI
-><LI
-><P
->If you run MySQL on the same machine as your httpd server, you
- should consider disabling networking from within MySQL by adding
- the following to your <TT
-CLASS="filename"
->/etc/my.conf</TT
->:
- </P
-><TABLE
-BORDER="0"
-BGCOLOR="#E0E0E0"
-WIDTH="100%"
-><TR
-><TD
-><FONT
-COLOR="#000000"
-><PRE
-CLASS="programlisting"
->&#13;[myslqd]
-# Prevent network access to MySQL.
-skip-networking
- </PRE
-></FONT
-></TD
-></TR
-></TABLE
-></LI
-><LI
-><P
->You may also consider running MySQL, or even all of Bugzilla
- in a chroot jail; however, instructions for doing that are beyond
- the scope of this document.
- </P
-></LI
-></OL
-></DIV
-><DIV
-CLASS="section"
-><H2
-CLASS="section"
-><A
-NAME="security-daemon"
-></A
->4.5.3. Daemon Accounts</H2
-><P
->Many daemons, such as Apache's httpd and MySQL's mysqld default to
- running as either <SPAN
-CLASS="QUOTE"
->"root"</SPAN
-> or <SPAN
-CLASS="QUOTE"
->"nobody"</SPAN
->. Running
- as <SPAN
-CLASS="QUOTE"
->"root"</SPAN
-> introduces obvious security problems, but the
- problems introduced by running everything as <SPAN
-CLASS="QUOTE"
->"nobody"</SPAN
-> may
- not be so obvious. Basically, if you're running every daemon as
- <SPAN
-CLASS="QUOTE"
->"nobody"</SPAN
-> and one of them gets compromised, they all get
- compromised. For this reason it is recommended that you create a user
- account for each daemon.
- </P
-><DIV
-CLASS="note"
-><P
-></P
-><TABLE
-CLASS="note"
-WIDTH="100%"
-BORDER="0"
-><TR
-><TD
-WIDTH="25"
-ALIGN="CENTER"
-VALIGN="TOP"
-><IMG
-SRC="../images/note.gif"
-HSPACE="5"
-ALT="Note"></TD
-><TD
-ALIGN="LEFT"
-VALIGN="TOP"
-><P
->You will need to set the <TT
-CLASS="varname"
->webservergroup</TT
-> to
- the group you created for your webserver to run as in
- <TT
-CLASS="filename"
->localconfig</TT
->. This will allow
- <B
-CLASS="command"
->./checksetup.pl</B
-> to better adjust the file
- permissions on your Bugzilla install so as to not require making
- anything world-writable.
- </P
-></TD
-></TR
-></TABLE
-></DIV
-></DIV
-><DIV
-CLASS="section"
-><H2
-CLASS="section"
-><A
-NAME="security-access"
-></A
->4.5.4. Web Server Access Controls</H2
-><P
->There are many files that are placed in the Bugzilla directory
- area that should not be accessable from the web. Because of the way
- Bugzilla is currently laid out, the list of what should and should
- not be accessible is rather complicated.
- </P
-><P
->Users of Apache don't need to worry about this, however, because
- Bugzilla ships with .htaccess files which restrict access to all the
- sensitive files in this section. Users of other webservers, read on.
- </P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->In the main Bugzilla directory, you should:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->Block:
- <TT
-CLASS="filename"
->*.pl</TT
->, <TT
-CLASS="filename"
->*localconfig*</TT
->, <TT
-CLASS="filename"
->runtests.sh</TT
->
- </P
-></LI
-><LI
-><P
->But allow:
- <TT
-CLASS="filename"
->localconfig.js</TT
->, <TT
-CLASS="filename"
->localconfig.rdf</TT
->
- </P
-></LI
-></UL
-></LI
-><LI
-><P
->In <TT
-CLASS="filename"
->data</TT
->:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->Block everything</P
-></LI
-><LI
-><P
->But allow:
- <TT
-CLASS="filename"
->duplicates.rdf</TT
->
- </P
-></LI
-></UL
-></LI
-><LI
-><P
->In <TT
-CLASS="filename"
->data/webdot</TT
->:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->If you use a remote webdot server:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->Block everything</P
-></LI
-><LI
-><P
->But allow
- <TT
-CLASS="filename"
->*.dot</TT
->
- only for the remote webdot server</P
-></LI
-></UL
-></LI
-><LI
-><P
->Otherwise, if you use a local GraphViz:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->Block everything</P
-></LI
-><LI
-><P
->But allow:
- <TT
-CLASS="filename"
->*.png</TT
->, <TT
-CLASS="filename"
->*.gif</TT
->, <TT
-CLASS="filename"
->*.jpg</TT
->, <TT
-CLASS="filename"
->*.map</TT
->
- </P
-></LI
-></UL
-></LI
-><LI
-><P
->And if you don't use any dot:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->Block everything</P
-></LI
-></UL
-></LI
-></UL
-></LI
-><LI
-><P
->In <TT
-CLASS="filename"
->Bugzilla</TT
->:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->Block everything</P
-></LI
-></UL
-></LI
-><LI
-><P
->In <TT
-CLASS="filename"
->template</TT
->:</P
-><P
-></P
-><UL
-COMPACT="COMPACT"
-><LI
-><P
->Block everything</P
-></LI
-></UL
-></LI
-></UL
-><P
->You should test to make sure that the files mentioned above are
- not accessible from the Internet, especially your
- <TT
-CLASS="filename"
->localconfig</TT
-> file which contains your database
- password. To test, simply point your web browser at the file; for
- example, to test mozilla.org's installation, we'd try to access
- <A
-HREF="http://bugzilla.mozilla.org/localconfig"
-TARGET="_top"
->http://bugzilla.mozilla.org/localconfig</A
->. You should
- get a <SPAN
-CLASS="errorcode"
->403</SPAN
-> <SPAN
-CLASS="errorname"
->Forbidden</SPAN
->
- error.
- </P
-><DIV
-CLASS="caution"
-><P
-></P
-><TABLE
-CLASS="caution"
-WIDTH="100%"
-BORDER="0"
-><TR
-><TD
-WIDTH="25"
-ALIGN="CENTER"
-VALIGN="TOP"
-><IMG
-SRC="../images/caution.gif"
-HSPACE="5"
-ALT="Caution"></TD
-><TD
-ALIGN="LEFT"
-VALIGN="TOP"
-><P
->Not following the instructions in this section, including
- testing, may result in sensitive information being globally
- accessible.
- </P
-></TD
-></TR
-></TABLE
-></DIV
-><DIV
-CLASS="tip"
-><P
-></P
-><TABLE
-CLASS="tip"
-WIDTH="100%"
-BORDER="0"
-><TR
-><TD
-WIDTH="25"
-ALIGN="CENTER"
-VALIGN="TOP"
-><IMG
-SRC="../images/tip.gif"
-HSPACE="5"
-ALT="Tip"></TD
-><TD
-ALIGN="LEFT"
-VALIGN="TOP"
-><P
->You should check <A
-HREF="http.html"
->Section 4.2</A
-> to see if instructions
- have been included for your web server. You should also compare those
- instructions with this list to make sure everything is properly
- accounted for.
- </P
-></TD
-></TR
-></TABLE
-></DIV
-></DIV
-></DIV
-><DIV
-CLASS="NAVFOOTER"
-><HR
-ALIGN="LEFT"
-WIDTH="100%"><TABLE
-SUMMARY="Footer navigation table"
-WIDTH="100%"
-BORDER="0"
-CELLPADDING="0"
-CELLSPACING="0"
-><TR
-><TD
-WIDTH="33%"
-ALIGN="left"
-VALIGN="top"
-><A
-HREF="os-specific.html"
-ACCESSKEY="P"
->Prev</A
-></TD
-><TD
-WIDTH="34%"
-ALIGN="center"
-VALIGN="top"
-><A
-HREF="index.html"
-ACCESSKEY="H"
->Home</A
-></TD
-><TD
-WIDTH="33%"
-ALIGN="right"
-VALIGN="top"
-><A
-HREF="troubleshooting.html"
-ACCESSKEY="N"
->Next</A
-></TD
-></TR
-><TR
-><TD
-WIDTH="33%"
-ALIGN="left"
-VALIGN="top"
->OS Specific Installation Notes</TD
-><TD
-WIDTH="34%"
-ALIGN="center"
-VALIGN="top"
-><A
-HREF="installation.html"
-ACCESSKEY="U"
->Up</A
-></TD
-><TD
-WIDTH="33%"
-ALIGN="right"
-VALIGN="top"
->Troubleshooting</TD
-></TR
-></TABLE
-></DIV
-></BODY
-></HTML
-> \ No newline at end of file
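Review bot: Deleting security.html outright removes the anchors `security`, `security-networking`, `security-mysql`, `security-daemon` and `security-access`, and the Prev/Next neighbours named in the HEAD (`os-specific.html`, `troubleshooting.html`) plus the `http.html` page linked as Section 4.2 will keep pointing at `security.html` unless they are regenerated in the same change; since this is generated output (GENERATOR: Modular DocBook HTML Stylesheet), please confirm the regenerated pages carry this content under its new location and that no remaining page links to the deleted file. If the text is being moved rather than dropped, carry two corrections into the new location that this copy shows: the sample configuration block reads `[myslqd]` where the MySQL section header is `[mysqld]` (with a misspelled header the `skip-networking` line is silently ignored and the server keeps listening on the network, which defeats the point of the step), and the file is `/etc/my.cnf`, not `/etc/my.conf`. The spelling errors visible in the deleted prose (`subsitute`, `trafic`, `recieved`, `unprivleged`, `accessable`) should likewise not be copied over.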