Now, we certainly do not want our wonderful eXist server to be compromised by “the
bad guys,” and the eXist developers have gone to a lot of effort to try to ensure that
eXist maintains the integrity and security of your data. However, you should never
consider any computer system completely secure from intruders. As computer
security expert Gene Spafford once said:
The only truly secure system is one that is powered off, cast in a block of concrete, and
sealed in a lead-lined room with armed guards.
With that in mind, we take a somewhat pessimistic view in this chapter and concede
that your system could indeed be compromised. However, we explain how you can
reduce the chances of this happening, and, should it happen, how you can limit the
damage caused. The advice herein should be seen as a guide, and should not be
treated as a substitute for the latest professional security advice. Certainly,
there is always more that can be done.
Reducing Collateral Damage
Should your eXist-db installation be compromised, you want to limit the amount of
damage that can be done by the intruder to the underlying server on which eXist is
installed. One of the most effective ways to do this is to run eXist under an
unprivileged service account that is created for this sole purpose.
The unprivileged account should have absolutely no login rights to your server or
network. Further, the account should not be a member of any security groups on
your server, apart from a personal group of which it is the only member.
The $EXIST_HOME folder and all directories and files therein should be owned by a
secure system user, and the personal group of the unprivileged account should have
only the access permissions to the files in $EXIST_HOME that it needs.
Typically, the personal group will need read access to all files in $EXIST_HOME and
write access only to the following folders:
$EXIST_HOME/webapp/WEB-INF/data (configured in $EXIST_HOME/conf.xml)
$EXIST_HOME/webapp/WEB-INF/logs (configured in $EXIST_HOME/conf.xml)
$EXIST_HOME/tools/wrapper/bin (for just .pid and .status files)
$EXIST_HOME/tools/wrapper/logs (configured in $EXIST_HOME/tools/wrapper/conf/wrapper.conf)
$EXIST_HOME/tools/jetty/logs (configured in $EXIST_HOME/tools/jetty/etc/jetty.xml)
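One way to check an installation against the write-access list above is the following audit script. It is an added example, not code from the book or from the eXist project; the function names, the sample file names, and the assumption that data and log folders sit at the default locations listed above are ours.

```shell
#!/bin/sh
# Added example (not from the book): audit write bits under an eXist home.
# Assumes the default layout listed above; adjust the patterns if conf.xml,
# wrapper.conf or jetty.xml point the data or log folders elsewhere.

# Print each path under $1 that is world-writable, or group-writable outside
# the locations the service group is allowed to write. No output means clean.
# Owner and group of each file are not checked here.
audit_exist_home() {
    home=${1%/}
    find "$home" ! -type l \( -perm -020 -o -perm -002 \) -print |
    while IFS= read -r path; do
        rel=${path#"$home"}
        [ -n "$rel" ] || rel=/
        # World-writable is never needed, even inside the writable folders.
        if [ -n "$(find "$path" -prune -perm -002 -print)" ]; then
            printf 'world-writable: %s\n' "$rel"
            continue
        fi
        case $rel in
            /webapp/WEB-INF/data|/webapp/WEB-INF/data/*) ;;
            /webapp/WEB-INF/logs|/webapp/WEB-INF/logs/*) ;;
            /tools/wrapper/logs|/tools/wrapper/logs/*) ;;
            /tools/jetty/logs|/tools/jetty/logs/*) ;;
            /tools/wrapper/bin) ;;   # directory must accept new files
            /tools/wrapper/bin/*.pid|/tools/wrapper/bin/*.status) ;;
            *) printf 'group-writable: %s\n' "$rel" ;;
        esac
    done
}

# Constructed sample tree for a dry run (file names are hypothetical).
make_sample_home() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/webapp/WEB-INF/data" "$d/webapp/WEB-INF/logs" \
             "$d/tools/wrapper/bin" "$d/tools/wrapper/logs" \
             "$d/tools/wrapper/conf" "$d/tools/jetty/logs" "$d/tools/jetty/etc"
    touch "$d/conf.xml" "$d/tools/wrapper/conf/wrapper.conf" \
          "$d/tools/wrapper/bin/exist.pid" "$d/tools/wrapper/bin/exist.sh"
    chmod -R u=rwX,g=rX,o= "$d"            # read-only for the group by default
    chmod g+w "$d/webapp/WEB-INF/data" "$d/webapp/WEB-INF/logs" \
              "$d/tools/wrapper/logs" "$d/tools/jetty/logs" \
              "$d/tools/wrapper/bin" "$d/tools/wrapper/bin/exist.pid"
    printf '%s\n' "$d"
}
```

Run `audit_exist_home "$EXIST_HOME"` after installation and after upgrades; any line it prints is a path whose write bits go beyond the list above.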