Secure Coding mailing list archives
Installation and setup of secure applications
From: "Jean-Francois Poirier" <jeff () horslimites org>
Date: Tue, 20 Jan 2004 19:25:11 +0000
How much involvement do you believe that software developers should have in installing and configuring their applications in their host environments?
I would say definitely enormous. If developers are not actually installing the software themselves (as is the case sometimes in smaller custom development projects), they should at least be part of the setup/installation design phase -- as much in the case of an off-the-shelf installer package as in a broader, multi-component installation. Mainly because as the original authors, they can discuss with the implementation/installation team the various issues that they suspect will be encountered. Being a software developer in no way excuses one from being aware of the target environments and the conditions in which the application will run, on the contrary. I believe that any software developer who does claim such a thing is simply being careless and not as interested as he should be. Although it might be more difficult to accomplish in very large scale projects where getting all the developers involved in the deployment planning would turn out to be a mess, I still believe at least some part of the development group has to be involved in installation/deployment.
Should applications be designed and implemented such that they make extensive use of their host OS security features? Note that I'm not saying that they should _rely_ on it, but should the developers make more use of the capabilities available to them (sometimes at the cost of easy portability) as one of many layers of defense? If so, how much is {enough|too much}?
I can see this becoming problematic for applications where the actual user base is not tied to the OS/environment user base. Tying user authentication to operating system-level authentication could probably induce a whole set of headaches at implementation time, should the application's user base be unrelated to the operating system's user base. Take for example web site security as implemented by Internet Information Server. In order to lock down areas of a web site, locks are implemented based on NTFS file-level permissions, which implies that for every such user, a corresponding user must be created as part of the operating system users. This can lead, in a badly set up environment, to an actual security breach, and more worries for the IT personnel overseeing the system than, say, Apache's system, in which username and password combinations that restrict access to various sections of a website are stored encrypted in designated protected files. So I would state that application-level user authentication and network or operating system authentication are often separate, and for a good reason; if the user bases do not match, forcing them to match by tying the application and the OS can become a security liability, not an improvement.
jean-francois poirier