My basic strategy to give myself an increased confidence in
the security of my TWiki installation - to make myself feel
better that TWiki is not providing a huge security hole
- has been to use UNIX setgid programs.
I later learned about Apache suexec, and cgi-wrap.
(Actually, I am pretty sure I knew about them but had forgotten,
since security and webserver is just a hobby, not my normal
job.)
Basically, I install setgid wrappers in the CGI directories
that perform the sort of checks suexec does,
and then exec the TWiki Perl scripts.
I would like to a distinct group for each security level.
For "public" access, where intranet users can use at the wiki
without any authentication, I want to use a group that nobody else
uses, and arrange to have the files in twiki/data accessible
either other=readwrite or other=readonly.
For "controlled" access, I require users to log in using a .htpasswd
file that our local sysadmins keep in synch with the UNIX/yp/NIS
passwd database. For each UNIX group that wants to have a wiki,
I create a set of setgid wrappers that executes in that group,
and arrange the appropriae UNIX filesystems permissions
- e.g. group=readonly, group=readwrite with other=readonly or other=noaccess, etc.
Basically, I am trusting that Apache is relatively secure getting
to the authentication, but I am not trusting TWiki's Perl scripts
any more than I would a user on the system.
It might be better to suexec to the actual user who authenticated,
but I see some value in tracking files that were created by the webserver,
user=www.
Using this setgid approach, I have two basic ways of setting up
TWiki. With a problem noted below. 
etc.
In this situation I don't rely on TWiki's internal access control for security. I might use it for some convenience features, e.g. to encourage people to be well behaved, but I prefer not to rely on it. -- AndyGlew - 15 Apr 2003
etc.
In this situation I don't rely on TWiki's internal access control for security. I might use it for some convenience features, e.g. to encourage people to be well behaved, but I prefer not to rely on it. -- AndyGlew - 15 Apr 2003
Topic revision: r3 - 2004-01-01 - SvenDowideit
Site map
Blog web
Create New Topic
Index
Search
Advanced search
My topics of interest
Changes
Major changes only
All tags
Notifications
RSS Feed
Statistics
Preferences
Community 
Readme first
Developers News
How you can help
Community roles
#twiki IRC
Lima Release
Feature Proposals
Bugs Changes
Categories 
Account 
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.