CMS Security

Dan Ritter dsr-mzpnVDyJpH4k7aNtvndDlA at public.gmane.org
Thu Dec 31 11:03:14 EST 2009


On Thu, Dec 31, 2009 at 10:39:43AM -0500, Fred at PlanetaryServer.com wrote:
> Dan Ritter wrote:
> > you should assume that no CMS framework is offering any security at all.
> >
> > Oh, sure, they all have at least an idea of protecting pages from view or
> > edit. But their programmers weren't thinking of your threat model. They're
> > thinking "Wow, if a large site gets violated, they might have to restore
> > from backup. That could be painful!".
> >
> > This won't do if you are playing with real money. Worse if you are
> > playing with access details for direct deposit systems.
> >
> >
> Of course, if this site is set up so that it can only be accessed via a 
> VPN, then the security question is contained to how secure the VPN is, 
> thus eliminating any potential flaws in the CMS itself.

This statement is extremely wrong.

A well-implemented VPN provides protection against eavesdropping
on the network connection, and perhaps some degree of network
access control. It's not a magic security wand.

It certainly does not eliminate any flaws in the CMS. Suppose
any authorized user can edit any page, through an unintentional
hole. Suppose an authorized user can steal the credentials or
the effective use of another user. Suppose there is no or little
protection against password guessing. Suppose... x1000.


-dsr-




-- 
http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference.
You can't defend freedom by getting rid of it.
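The two failure modes Dan names (any logged-in user can edit any page; no limit on password guessing) are easy to show in code. What follows is an added illustration, not code from this thread or from any CMS it mentions: a toy model in which "on the VPN" is a network-layer fact the application records but must not treat as an authorization decision. The page slugs, user names, passwords and lockout threshold are all constructed for the example.

```python
"""Toy CMS authorization model (constructed example, not a real CMS).

Shows why a VPN in front of a CMS does not remove application flaws:
  1. an edit check that only asks "is this user on the VPN / logged in?"
     lets every authorized user edit every page;
  2. a login that never counts failures lets any VPN user guess passwords.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Set, Tuple


@dataclass
class Page:
    slug: str
    owner: str
    editors: Set[str] = field(default_factory=set)
    body: str = ""


# Constructed sample data: alice and bob both have VPN access.
PAGES: Dict[str, Page] = {
    "payroll": Page("payroll", owner="alice"),
    "news": Page("news", owner="bob", editors={"alice"}),
}


def can_edit_insecure(user: str, on_vpn: bool, page: Page) -> bool:
    """'Before': VPN membership is the only gate, so any VPN user edits any page."""
    return on_vpn


def can_edit_hardened(user: str, on_vpn: bool, page: Page) -> bool:
    """'After': the VPN is still required (network access control), but the
    application makes its own per-page decision based on owner/editor lists."""
    return on_vpn and (user == page.owner or user in page.editors)


# --- password guessing ---------------------------------------------------

def _derive(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256; iteration count kept modest for a quick demo.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


def make_user_db(plain: Dict[str, str]) -> Dict[str, Tuple[bytes, bytes]]:
    """Store (salt, derived_key) per user; plaintext never kept."""
    db = {}
    for user, pw in plain.items():
        salt = os.urandom(16)
        db[user] = (salt, _derive(pw, salt))
    return db


class LoginGuard:
    """Per-account failed-attempt counter with lockout.

    Without something like this, being inside the VPN perimeter says nothing
    about whether an authorized user can brute-force a colleague's password.
    """

    def __init__(self, db: Dict[str, Tuple[bytes, bytes]], max_failures: int = 5):
        self._db = db
        self._max = max_failures
        self._failures: Dict[str, int] = {}

    def attempt(self, user: str, password: str) -> str:
        """Return 'ok', 'denied' or 'locked'."""
        if self._failures.get(user, 0) >= self._max:
            return "locked"  # refuse even a correct password once locked
        # Unknown users get a dummy record so the work done is the same.
        salt, stored = self._db.get(user, (b"\x00" * 16, b"\x00" * 32))
        if user in self._db and hmac.compare_digest(_derive(password, salt), stored):
            self._failures[user] = 0
            return "ok"
        self._failures[user] = self._failures.get(user, 0) + 1
        return "locked" if self._failures[user] >= self._max else "denied"


if __name__ == "__main__":
    print("bob edits payroll (insecure):", can_edit_insecure("bob", True, PAGES["payroll"]))
    print("bob edits payroll (hardened):", can_edit_hardened("bob", True, PAGES["payroll"]))
    guard = LoginGuard(make_user_db({"alice": "correct horse"}), max_failures=3)
    for guess in ("hunter2", "letmein", "password", "correct horse"):
        print(guess, "->", guard.attempt("alice", guess))
```

The point of keeping `on_vpn` as a parameter in both edit checks is that the hardened version does not drop the VPN; it layers an application decision on top of it. Lockout counters are one blunt option; rate limiting or alerting on repeated failures serve the same purpose and avoid letting one insider lock colleagues out.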
