Comments (7)
The regular site is turned off when the installation wizard is activated, and it's not possible to log in unless the configured appKey has been changed. Once the appKey has been changed to true, the installation wizard is inaccessible.
Only one admin account can be created during the installation. So if an attacker gains access to the URI and manages to create an account before the real admin, it's noticeable. In that case the real admin should delete that account and create its own. I could add a text which highlights that something is wrong if an account exists and it has not been created by the admin itself.
The attacker cannot, however, access the site with the created admin account, since only the installation wizard can be accessed.
But now that I think about it: the attacker can change the SMTP settings and by doing so gain access to the activation links, and by doing so get an account. However, the default installation allows anyone that knows the URI to create an account.
An installation account is a nice approach but is a bit more complicated, since no authorization parts have been configured when the installation wizard is run.
Another approach is to add an installationRemoteHostFilter appKey which must be set when configuring. Add your own IP/remote host; localhost would be allowed by default.
What do you think?
from coderr.server.
It was the initial admin run I was thinking of, not the regular site: to prevent any external access except by the person setting up the box.
For example, a deploy from source may leave it unattended for some time, during which it can be discovered and someone else can claim ownership. If it were dependent on a key being set in web.config by the owner, then this value would be required to initiate setup. After setup, it would be ignored.
I don't think the localhost filtering would work for me, as local access to a hosted Azure instance is not possible via a web browser, and for many, putting their IP into source so it gets deployed might be problematic too.
If you'd rather leave it, I understand. It is just a limited window of opportunity; I was thinking that secure by default would be useful.
from coderr.server.
My suggestion was also for the installation wizard. The initial idea was that the server was installed in the company network and that the FW is only opened once the server is configured. That's why it's designed like it is.
But as you say, if OTE is deployed in Azure, additional measures need to be taken. My suggestion was for that specific case. Maybe the easiest approach is to configure an admin account in the config file.
I also agree that secure by default is great.
from coderr.server.
I'm happy to create a pull request for setting an installation password in the app config. I would not put a fixed/known password in, though; instead I would force the admin to set one, otherwise it will go into the master list of default passwords available here.
However, if this does not sit well with your design goals, please just close this issue. I won't be offended.
from coderr.server.
A pull request would be awesome.
from coderr.server.
Corrected in the next commit.
from coderr.server.
The installation wizard now has a simple input field that must match a new appSettings key on the first page.
from coderr.server.
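The gate described in the thread (an installation password that the owner sets in web.config, which the wizard's first page must match, which has no shipped default, and which is ignored once setup is done) looks roughly like the following. This is an added example, not codeRR's own code, and the two appSettings key names `InstallationPassword` and `Configured` are assumptions; the thread does not name the key that was added in the commit.

```csharp
// Added example, not code from the codeRR project. The appSettings key names
// "InstallationPassword" and "Configured" are assumed for illustration.
using System;
using System.Configuration;
using System.Security.Cryptography;
using System.Text;

public static class InstallationGate
{
    // Assumed names of the two appSettings keys in web.config.
    public const string PasswordKey = "InstallationPassword";
    public const string ConfiguredKey = "Configured";

    public enum Outcome
    {
        SetupAlreadyDone,   // wizard is closed; the password is ignored from now on
        PasswordNotSet,     // fail closed: the admin has not chosen a password yet
        Rejected,           // a password is configured but the submitted one did not match
        Accepted
    }

    // Reads both settings from web.config and evaluates the value posted on the
    // wizard's first page.
    public static Outcome CheckFromConfig(string submitted)
    {
        var configured = ConfigurationManager.AppSettings[PasswordKey];
        var done = string.Equals(ConfigurationManager.AppSettings[ConfiguredKey],
                                 "true", StringComparison.OrdinalIgnoreCase);
        return Check(configured, submitted, done);
    }

    // Pure decision logic, kept separate so it can be unit-tested without a web.config.
    public static Outcome Check(string configured, string submitted, bool setupCompleted)
    {
        if (setupCompleted)
            return Outcome.SetupAlreadyDone;

        // No default password ships with the product: a missing or blank key
        // refuses the wizard instead of falling back to a well-known value.
        if (string.IsNullOrWhiteSpace(configured))
            return Outcome.PasswordNotSet;

        if (submitted == null)
            return Outcome.Rejected;

        // Hash both sides so the comparison always runs over equal-length inputs,
        // then compare in fixed time so a wrong guess does not leak how many
        // leading bytes matched.
        return FixedTimeEquals(Sha256(configured), Sha256(submitted))
            ? Outcome.Accepted
            : Outcome.Rejected;
    }

    private static byte[] Sha256(string value)
    {
        using (var sha = SHA256.Create())
            return sha.ComputeHash(Encoding.UTF8.GetBytes(value));
    }

    // Constant-time byte comparison. On .NET Core 2.1 and later,
    // CryptographicOperations.FixedTimeEquals provides the same and is preferable.
    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        if (a.Length != b.Length)
            return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++)
            diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

In the wizard's first-page POST handler, `InstallationGate.CheckFromConfig(Request.Form["installationPassword"])` would be evaluated before any other wizard action runs: `PasswordNotSet` should render a message telling the owner to add the key to web.config rather than proceeding, `Rejected` and `SetupAlreadyDone` should return a 403 without revealing which of the two applied, and only `Accepted` continues to account creation. Because the owner chooses the value, it never lands in a list of default credentials, and because `Configured` flips to `true` at the end of setup, the password has no effect afterwards, matching the behaviour both participants asked for.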