27/5/2011 16:48:20
ImpressCMS - Security

I would like to speak next week about CMS and security, and in this case I would like to show our special features. It would be helpful for me if you could tell me in short points what you think about the ImpressCMS security.
Negative and positive things. (Sure, I have written my list, but maybe I forgot some things?) Thank you, Rene
29/5/2011 9:48:28
Re: ImpressCMS - Security

Positives: The trust path, use of salts (see Vaughan's posts about how it works), and the updated hash algorithm. Also, support for SSL login and full-site SSL. There are the alternative authentication mechanisms, but I haven't used them much so I don't know whether these are security enhancements or just conveniences.
Negatives: I think we have the basics covered. Sending passwords in the clear irks me, but the fact is that it is difficult to address in an out-of-the-box install and as far as I know all major CMS still work that way. I'm still working on adding support for 2-factor authentication (using a hardware token) with Vaughan. I think adding password stretching would be a useful improvement to harden password hashes against offline dictionary attacks, but I'm still arguing the case for that one.
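Password stretching, as raised in the post above, shown as an added example that is not part of the original thread and is not ImpressCMS code. It uses PBKDF2-HMAC-SHA256 from Python's standard library; the iteration count, salt size and record format are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumed policy values for illustration; not ImpressCMS settings.
ITERATIONS = 200_000
SALT_BYTES = 16
ALGO = "pbkdf2_sha256"


def hash_password(password, iterations=ITERATIONS):
    """Return a self-describing record: algo$iterations$salt_hex$digest_hex."""
    salt = os.urandom(SALT_BYTES)  # per-user random salt defeats precomputed tables
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "{}${}${}${}".format(ALGO, iterations, salt.hex(), digest.hex())


def verify_password(password, record):
    """Recompute with the stored salt and iteration count; compare in constant time."""
    try:
        algo, iterations, salt_hex, digest_hex = record.split("$")
        iterations = int(iterations)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
    except ValueError:
        return False  # malformed record: fail closed
    if algo != ALGO or iterations < 1:
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(actual, expected)


def needs_rehash(record, target_iterations=ITERATIONS):
    """True when a stored record is weaker than current policy (upgrade at next login)."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != ALGO or not parts[1].isdigit():
        return True
    return int(parts[1]) < target_iterations


if __name__ == "__main__":
    old = hash_password("constructed-sample-password", iterations=1000)
    print(verify_password("constructed-sample-password", old), needs_rehash(old))
```

Each guess in an offline dictionary attack costs the attacker the full iteration count, while the stored count lets a site raise the work factor later and rehash users as they log in.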
29/5/2011 11:09:16
Re: ImpressCMS - Security

On the subject of security - I think it would be a sensible idea to look at moving the cache and compile directories to trustpath.
I notice that xoopscube also had this approach as well - as per this very good ticket suggestion here: http://sourceforge.net/tracker/index.php?func=detail&aid=3101119&group_id=159211&atid=943472 The point about using a prefix is a very valid one, as it is possible I think to share trustpath over several sites on the same host (indeed, this is a possible way of achieving multi-site perhaps).
29/5/2011 11:39:30
Re: ImpressCMS - Security

Forgot to add: Session regeneration on login etc.
29/5/2011 11:45:12
Re: ImpressCMS - Security

That sounds sensible to me.
29/5/2011 19:21:55
Re: ImpressCMS - Security

As far as what we do that others don't -
* randomize db table prefix
* separate sensitive data and place in trust path
* randomize the trust path directory name
* randomize the name of the secure data file
* integration with HTML Purifier
* multiple password hash options, selectable by site
* admin warnings for practices not followed
* of course, protector module