[plug] Is this secure

Grahame Bowland grahame at ucs.uwa.edu.au
Fri Dec 14 14:13:26 WST 2001


On Fri, 2001-12-14 at 12:58, craig at postnewspapers.com.au wrote:
> My implementation might interest you. Nothing special, but I had to
> accept CC numbers over the web for our classified ad pages.
> 
> All access by the user is over https. It is blatant, insane idiocy to
> use unencrypted http for this sort of thing.
> 
> The form results are parsed by a perl cgi script, and are _never_
> written to disk. The script builds an eMail, encrypts it with gpg, and
> sends it to the appropriate address here. No data is stored on the
> webserver. The mailserver is behind the firewall, and only one person
> has the private key and passphrase needed to read the mail from the
> server.
> This is not paranoid enough, but I don't have the resources to do things
> like write a C program to run suid to a unique uid and lock its memory
> to prevent being swapped out. I'm working on the theory that if the box
> is compromised, they can just replace or modify the script anyway. So
> keep the box secured, and keep a good eye on tripwire.

Stick 1-2G of RAM in the box and turn off swap. You probably don't need
it anyway and Linux really sucks when it gets into swap (albeit a little
better with the new vm in 2.4, it was just crazy with 2.4.10 or
whatever.)

-- 
Grahame Bowland                       Email: grahame at ucs.uwa.edu.au
University Communications Services    Phone: +61 8 9380 1175
The University of Western Australia     Fax: +61 8 9380 1109
                                     CRICOS: 00126G