|Lesson 5|| Common gateway interface scripts|
|Objective|| Protect your system by ensuring the security of CGI scripts.|
Common Gateway Interface (CGI)
Common Gateway Interface (CGI) scripts are often the source of security holes.
Even when these are written properly, a hacker can use seemingly benign scripts to defeat your system's security. Take
great care in writing these scripts, and examine them closely for problems that may occur because the script
- Reads or writes files on the host
- Runs with set-user-id privileges
- Does not call out explicit path names
Securing CGI scripts
To further protect your systems security when using CGI scripts whether implemented with Java, ASP, Cold Fusion,
Net.Data, perl or C++:
- Isolate the operating system on its own hard drive or partition
- Place the Web server program on the second partition
- Move all the HTML files to another partition
- Assign read-only privileges to the drive containing the HTML content
- Place the scripts (such as CGI, Internet Services Application Programming Interface (ISAPI) and Perl scripts) on another partition
- Allow the scripts to be executed, but forbid writing to the drive
Internet Services Application Programming Interface (ISAPI)
A method developed by Microsoft to write programs that communicate with Web servers through OLE.
Cold Fusion Server
Allaire's Cold Fusion Server and Microsoft ASP have had significant security holes that allow users to execute
arbitrary code, sometimes gaining administrative access. Most of these problems lie with installing servers and
services and then leaving default settings. Similar problems exist with ODBC implementations.
A hacker will often try to place a trojan horse in the directory that contains a Web server's scripts. Then the hacker need only execute the script from any Web browser.
Trojan: A file or program that purports to operate in a legitimate way, but which also has an alternative, secret operation,
such as emailing sensitive company information to a hacker. A trojan horse is a specific program that destroys information on a hard drive.
By isolating the scripts in a specific drive or partition, you can restrict access to the entire hard drive.
Furthermore, if a partition is read-only, a hacker cannot copy files onto it, or copy or alter any of the files of the partition.
This placement is a specific example of how you can layer security techniques to create a matrix of secure systems,
devices, and resources.<
Unlike other Web servers, security in the Internet Information Server is mostly predicated on the parameters of the
Windows NT Server operating system. If you use this server, activate all auditing procedures and augment your security
by allowing the operating system to automatically reset permissions when you are not using the server.