root / pykota / trunk / SECURITY @ 1188

Revision 1186, 4.2 kB (checked in by jalet, 21 years ago)

General improvements to the documentation.
Email address changed in sample configuration file, because
I receive low quota messages almost every day...

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
Line 
1# $Id$
2
3PyKota - Print Quota for CUPS and LPRng
4
5(c) 2003 Jerome Alet <alet@librelogiciel.com>
6This program is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published by
8the Free Software Foundation; either version 2 of the License, or
9(at your option) any later version.
10
11This program is distributed in the hope that it will be useful,
12but WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14GNU General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with this program; if not, write to the Free Software
18Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
19
20====================================================================
21
22  These recommandations are there because as of April 28th 2003
23  PyKota doesn't enforce them. You may or may not follow them,
24  depending on your user's IT knowledge, how much your trust them,
25  etc...
26 
27====================================================================
28
29How to improve PyKota's security :
30----------------------------------
31
32  - Most of the stuff which was there was deleted because PyKota's
33    configuration files permissions should take care of most
34    security problems. BUT of course, you have to set them correctly !
35   
36  - Ensure that no regular user can read PyKota administrator's
37    configuration file, but that both the print quota administrator and
38    the user the printing system is run as can read it. Depending on
39    your system's configuration, this may give something like :
40   
41      $ chown lp.lpadmin /etc/pykota/pykotadmin.conf
42      $ chmod 640 /etc/pykota/pykotadmin.conf
43   
44    If the print quota administrator is root then he will always be
45    able to read PyKota's configuration file.
46   
47    Letting any user read PyKota administrator's configuration file may
48    expose passwords or database information which would allow write
49    access to the database, and so may transform your print quota
50    management in a nightmare.
51 
52    If you want to let users generate their own print quota reports,
53    then ensure that /etc/pykota/pykota.conf is readable by
54    everyone, but writeable only by the root user :
55   
56      $ chown root.root /etc/pykota/pykota.conf
57      $ chmod 644 /etc/pykota/pykota.conf
58     
59    NB : If you use the printquota.cgi CGI script, ensure that
60         the user this script is run as (e.g. nobody or www-data)
61         can read PyKota's configuration file /etc/pykota/pykota.conf
62         BUT can't read PyKota administrator's configuration file
63         /etc/pykota/pykotadmin.conf
64         Refer to Apache's documentation for details.
65 
66  - Secure your database connection :
67 
68    Depending on the database backend used, either PostgreSQL or
69    OpenLDAP, you may have to take additionnal measures to render
70    your database more secure. Please refer to your database system's
71    documentation on configuration to learn how to do so. This is out
72    of the scope of the present document which will only give basic
73    informations.
74   
75    Keep in mind that if you use a centralized database, you may have
76    to restrict which hosts can access to it (i.e. the Print Servers).
77   
78    For the PostgreSQL backend, PyKota already defines a user with
79    read/write access and another user with read-only access to
80    the Print Quota Database. PyKota doesn't set any passwords
81    for these users though, but doing it is recommanded, and
82    explained elsewhere in PyKota's documentation.
83   
84    For the OpenLDAP backend, YOU have to ensure that no regular
85    user can write to any PyKota specific attribute or objectClass.
86    Otherwise they could modify their quota at will.
87   
88    You also have to define two binding DNs in your LDAP tree,
89    one of them should be able to have a read only access to
90    everything. The other one should be able to write, for
91    example your LDAP admin user is fine for this.
92    Now put the readonly user in /etc/pykota/pykota.conf
93    and the read-write one in /etc/pykota/pykotadmin.conf
94   
95====================================================================
Note: See TracBrowser for help on using the browser.