On Mon, Aug 8, 2011 at 1:11 PM, Stéphane Ducasse <[email protected]> wrote:

> laurent
>
> are you doing that in a clone of the git vm because it would be good for traceability?
>

We will.

Laurent.

>
> Stef
>
> On Aug 8, 2011, at 10:09 AM, laurent laffont wrote:
>
> > Thanks for answers.
> >
> > What we are currently doing:
> > - integrate some vm patches (thanks Mariano :) from netstyle / seaside hosting which limit file system / socket access
> > - try to run hosted images in another account
> >
> > It seems chrooting each account is not so easy.
> >
> > Yes, would be nice to make SmallHarbour running on FreeBSD.
> >
> > Laurent.
> >
> >
> > On Mon, Aug 8, 2011 at 9:37 AM, Miguel Moquillon <[email protected]> wrote:
> > If the host of SmallHarbour is running with FreeBSD 8 or Solaris, you can use the "capabilities" feature to give restrictive privileges to the program or to some parts of the program. In short a capability is a pair of a reference to an object in the system with the rights on that object. You can allocate to the program a set of capabilities that define the security environment within which it will run.
> >
> > Mig
> >
> > On 06/08/2011 14:31, Dale Henrichs wrote:
> >
> > Laurent,
> >
> > I think that the best defense is the limited access/rights unix account, perhaps even a separate unix user per account (to provide isolation between accounts) ... I think this is what VMware does in its Cloud Foundry ... to be completely safe you'd have to turn off the ability to read and write files and turn off socket access (this is what javascript in the browser does), but going this far severely limits what you can do in the image ... I would think that you could screw things down pretty tight just using unix permissions ....
> >
> > Dale
> >
> > ----- Original Message -----
> > | From: "laurent laffont" <[email protected]>
> > | To: "Seaside - developer list" <[email protected]>, "An open mailing list to discuss any topics related to an open-source Smalltalk" <[email protected]>
> > | Sent: Saturday, August 6, 2011 3:06:38 AM
> > | Subject: [Pharo-project] Web app security
> > |
> > | Hi,
> > |
> > | with a public SmallHarbour (public fork of SeasideHosting - smallharbour.org ) people can upload images that do bad things: change filesystem, run commands, ....
> > |
> > | Actually, what are the ways of securing a server so people can't do bad things ?
> > |
> > | I'm thinking of:
> > | - run the vm/image within a low right unix account
> > | - remove dangerous plugins (OSProcess, ?)
> > |
> > | Can we easily chroot ?
> > |
> > | what are known solutions ?
> > |
> > | Laurent.
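
The thread's suggestion of a separate unix user per hosted account, locked down with unix permissions, can be checked mechanically. The following audit is an added example, not part of the thread and not SmallHarbour code; it assumes a layout with one directory per account under a hosting root, and the account names, `app.image` file and demo tree are constructed.

```python
import os
import stat
import tempfile

def audit_accounts(hosting_root):
    """Return (account, problem) pairs; hosting_root holds one directory per account."""
    findings, owners = [], {}
    for name in sorted(os.listdir(hosting_root)):
        home = os.path.join(hosting_root, name)
        st = os.lstat(home)
        if not stat.S_ISDIR(st.st_mode):
            continue
        owners.setdefault(st.st_uid, []).append(name)
        # Any group/other bit on the account directory lets other accounts in.
        if st.st_mode & 0o077:
            findings.append((name, "home open to group/other: %o" % stat.S_IMODE(st.st_mode)))
        for dirpath, dirnames, filenames in os.walk(home):
            for entry in dirnames + filenames:
                path = os.path.join(dirpath, entry)
                mode = os.lstat(path).st_mode
                if stat.S_ISLNK(mode):
                    continue  # permission bits on a symlink carry no meaning
                rel = os.path.relpath(path, home)
                if mode & stat.S_IWOTH:
                    findings.append((name, "world-writable: " + rel))
                if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                    findings.append((name, "setuid/setgid file: " + rel))
    # One unix user per account: a uid shared by several accounts gives no isolation.
    for uid, names in owners.items():
        if len(names) > 1:
            findings.extend((n, "uid %d shared with other accounts" % uid) for n in names)
    return findings

def build_demo_tree():
    """Constructed sample: 'alice' is locked down, 'bob' is not; both owned by the caller."""
    root = tempfile.mkdtemp(prefix="hosting-")
    for name, home_mode, file_mode in (("alice", 0o700, 0o600), ("bob", 0o755, 0o666)):
        home = os.path.join(root, name)
        os.mkdir(home)
        image = os.path.join(home, "app.image")
        open(image, "w").close()
        os.chmod(image, file_mode)
        os.chmod(home, home_mode)
    return root

if __name__ == "__main__":
    for account, problem in audit_accounts(build_demo_tree()):
        print(account, problem)
```

On the demo tree both accounts are also reported as sharing a uid, because the script creates them as the same user; on a host with one unix user per account that finding disappears.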
