Diffstat (limited to 'doc/security.html')
1 files changed, 67 insertions, 0 deletions
diff --git a/doc/security.html b/doc/security.html
new file mode 100644
index 00000000..cdcc2d79
--- /dev/null
+++ b/doc/security.html
@@ -0,0 +1,67 @@
1<center><H3><font color='007700'>libwebserver Security</font></H3></center><BR><BR>
3<A name=what><B><font color='000077'>Is it safe to use?</font></B><BR>
4<UL>Well, I can't promise that it's a secure software since that not only depends on the software,
5 but all i can say is that wasn't found any security bug yet, this was developed intended to be secure,
6 you can use openssl (encrypted streams) to protect information that passes from webserver(lib) to client</UL>
8<A name=certificate><B><font color='000077'>How do I create my own certificate?</font></B><BR>
9<UL>You can either buy one from one of the big vendors (see your browser's stored certificates
10 for their addresses) or self-sign a self-created one. The upside of the bought
11 certificates is, that the webbrowser doesn't ask if the user wants to
12 accept that certificate, but instead checks with the certification authority
13 you bought your certificate from.<br>
14 The downside is that it costs quite a lot of money.<br>
15 To create your own certificate use openssl like that:
16 <ul><li>create a key and request:<br>
17 <pre><b>openssl req -new > foo-cert.csr</b></pre><br>
18 As "Common Name" you have to type in the name part of
19 your URL, i.e. if your web site will be
20 "https://www.libwebserver.rules:443/" the Common Name is
21 "www.libwebserver.rules".
22 <li> remove the passphrase from the key:<br>
23 <pre><b>openssl rsa -in privkey.pem -out foo-cert.key</b></pre><br>
24 <li>convert request into a signed certificate:<br>
25 <pre><b>openssl x509 -in foo-cert.csr -out foo-cert.cert -req -signkey foo-cert.key -days 356</b></pre><br>
26 <li>create .pem file:<br>
27 <pre><b>cat foo-cert.cert foo-cert.key >foo-cert.pem</b></pre><br>
28 </ul>
32<A name=tips><B><font size=4 color='770077'>Security tips</font></B><BR><HR>
34<A name=racecondition><B><font color='000077'>Avoid race condition problems</font></B><BR>
36 <B> What is race condition?</B>
37 <UL>A race condition occurs when two or more operations occur in an
38 undefined manner (McKusick et al. 1996). Specifically in file
39 system races the attacker attempts to change the state of the
40 file system in between two file system operations on the part
41 of the program.</UL><BR>
42 <B> How the lib determine temporary file name?</B>
43 <UL>
44 <li>generate file name (note: keep generating until it doesn't exists)<BR></li>
45 <li>check if file exists<BR>
46 -<small>attacker can create the file now, if he knows the right filename</small><BR></li>
47 <li>check if symlink exists<BR>
48 -<small>attacker can create the symlink now, if he knows the right filename</small><BR></li>
49 <li>create the file and redirect stdout to it <BR>
50 -<small>attacker can open the file and write to it</small><BR></li>
51 <li>places a lock into file (note: not in win98)<BR> </li>
52 <li>users operations, write, flush, read<BR></li>
53 <li>unlink the filename from the OS<BR></li>
54 </UL><BR>
57 libwebserver uses temporary filenames to hold and process data before send it to client, it uses the ambient variables to
58 determine temporary directory by following order "$TEMP,$TMP,$TMPDIR and the stdio.h P_tmpdir", libwebserver have several checks
59 and it locks file for avoid attackers from messing with temporary files, meanwhile is safely to change the tempdir (setting the ambient variable)
60 to an directory that is not writable for everyone and writable to lib (setenv("TEMP","/safedir"); you can do it before the web_server_run function
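Review bot: In the "Avoid race condition problems" section (new lines 42-60), the documented temporary-file steps are check-then-create, and the text itself notes that an attacker can create the file or symlink between the checks, yet the only mitigation offered is pointing TEMP at a directory that is not writable for everyone. Please state whether the create step is atomic (for example an open with O_CREAT|O_EXCL, which fails if the name already exists, including when it is a symlink), or say plainly that moving the temporary directory is required rather than optional. The example call setenv("TEMP","/safedir") is missing its third (overwrite) argument, and the parenthesis opened before it is never closed. In the certificate steps, "-days 356" at new line 25 looks like a typo for 365, and because the passphrase is removed and the key is concatenated into foo-cert.pem, the text should tell readers to restrict read access to that file.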