[OpenSPARC-T2-DV] / tools / perl-5.8.0 / doc / MHonArc / faq / security.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML//EN">
<HTML>
<HEAD>
<TITLE>MHonArc FAQ: Security</TITLE></HEAD>
<BODY>

<!--X-NavButtons-Start-->
<p align=center>
[<a href="mime.html">Prev</a>][Next][<a href="faq.html">TOC</a>][<a href="http://www.mhonarc.org/">Home</a>]
</p>
<!--X-NavButtons-End-->

<!-- ===================================================================== -->
<HR>
<H2><a name="security">Security</a></H2>

<!--X-TOC-Start-->
<ul>
<li><a href="#spam">Can I obscure email addresses?</a></li>
<li><a href="#spam">How can I prevent web access to <tt>.mhonarc.db</tt> files?</a></li>
<li><a href="#htmldata">Why are HTML messages a security risk?</a></li>
<li><a href="#attachments">Why doesn't MHonArc, by default, use the specified filename when saving attachments?</a></li>
</ul>
<!--X-TOC-End-->

<!-- ??????????????????????????????????????????????????????????????? -->
<hr noshade size=1>
<table border=0>
<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
<h3><b><a name="spam">Can I obscure email addresses?</a></b></h3>
</td></tr></table>

<p>See the <b>SPAMMODE</b> resource.
</p>

<!-- ??????????????????????????????????????????????????????????????? -->
<hr noshade size=1>
<table border=0>
<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
<h3><b><a name="spam">How can I prevent web access to <tt>.mhonarc.db</tt> files?</a></b></h3>
</td></tr></table>

<p>MHonArc database files may contain information that you do
not want web users to directly access.  The best example is when
your archive is customized to obscure email addresses.  However,
in the MHonArc database file, the original, unobscured, addresses
exist.
</p>

<p>Practically, all web servers provide the ability deny access
to files.  Refer to your web server's documentation for the specifies.
If you are using the <a href="http://httpd.apache.org/">Apache HTTP server</a>,
the following configuration directive can be used:
</p>
<pre>
&lt;Files .mhonarc.db&gt;
    Order allow,deny
    Deny from all
&lt;/Files&gt;
</pre>
<p>If you have <tt>mod_rewrite</tt> enabled, you could use the following
instead:
</p>
<pre>
RewriteRule ^(.*)/.mhonarc.db $1 [R=permanent]
</pre>
<p>This will redirect browsers to the parent directory, which is
the actual archive associated with database file.
</p>

<!-- ??????????????????????????????????????????????????????????????? -->
<hr noshade size=1>
<table border=0>
<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
<h3><b><a name="htmldata">Why are HTML messages a security risk?</a></b></h3>
</td></tr></table>

<p>HTML can contain dynamic content, like JavaScript.  If an
HTML message is blindly archived, you are introducing foreign dynamic
content to your web site that you have no control over.  The best
example of this danger is the problem web-based email sites (e.g.
Hotmail) encountered when malicious people were sending HTML messages
to web-based email users and the messages contained dynamic content
that would popup windows (which had a similiar style of the web-based
email hosting provider) requesting sensitive information from
users (like passwords).
</p>

<p>The following is a brief list of some of the security issues
related to HTML messages:
</p>
<ul>
<li>Can contain foreign dynamic content.
    </li>
<li>Can autoload URLs (via IMG, and similiar, elements) which
    can be used to collect statistics on unsuspected readers.
    </li>
<li>Contain hidden contents (like server-side include comments)
    which may be processed by web servers to execute arbitrary
    programs or extract arbitrary system files.
    </li>
</ul>

<p>MHonArc's HTML filter (documented under the <b>MIMEFILTERS</b>) resource
provides functionality of stripping out HTML data to minimize security
exploits.  Check the document for full details.  The general recommendation
for the security conscience is to exclude any HTML message data, especially
for publicly accessible archives.
</p>

<!-- ??????????????????????????????????????????????????????????????? -->
<hr noshade size=1>
<table border=0>
<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
<h3><b><a name="attachments">Why doesn't MHonArc, by default, use the specified filename when saving attachments?</a></b></h3>
</td></tr></table>

<p>A malicious person could send a message with an attachment filename
that could overwrite existing content or be interpreted by the web
server in some special manner to execute actions.  Example: Apache
allows for the support for creating <tt>.htaccess</tt> files to allow
configuration settings within a directory.  If you have this feature
enabled and a message containes an attachment with the specified
filename <tt>.htaccess</tt> and MHonArc blindly used the attachment
filename, the attachment will override any existing <tt>.htaccess</tt>
file you created with a version defined by the sender of the message.
</p>

<p>Another possibility is that web servers sometimes interpret
filenames with certain extensions as executable content, like
<tt>.shtml</tt>, <tt>.cgi</tt>, <tt>.phtml</tt>.  If MHonArc used the
attachment filename, or even just the attachment filename extension,
anyone who can send mail that will be archived on your site can
introduce executable content.
</p>

<p>It is because of the above reasons that the
<tt><b>m2h_external::filter</b></tt> documented in the <b>MIMEFILTERS</b>
resource advises caution when using the filter options that enable
the usage of attachment filenames or filename extensions.
</p>

<!-- ===================================================================== -->
<hr>

<!--X-NavButtons-Start-->
<p align=center>
[<a href="mime.html">Prev</a>][Next][<a href="faq.html">TOC</a>][<a href="http://www.mhonarc.org/">Home</a>]
</p>
<!--X-NavButtons-End-->

<HR>
<address>
$Date: 2002/04/02 06:57:57 $ <br>
<img align="top" src="monicon.png" alt="">
<a href="http://www.mhonarc.org/"
><strong>MHonArc</strong></a><br>
Copyright &#169; 2002, <a href="http://www.earlhood.com/"
>Earl Hood</a>, <a href="mailto:mhonarc@mhonarc.org"
>mhonarc@mhonarc.org</a><br>
</address>
</BODY>
</HTML>
Commit	Line	Data
86530b38 AT	1	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML//EN">
	2	<HTML>
	3	<HEAD>
	4	<TITLE>MHonArc FAQ: Security</TITLE></HEAD>
	5	<BODY>
	6
	7	<!--X-NavButtons-Start-->
	8	<p align=center>
	9	[<a href="mime.html">Prev</a>][Next][<a href="faq.html">TOC</a>][<a href="http://www.mhonarc.org/">Home</a>]
	10	</p>
	11	<!--X-NavButtons-End-->
	12
	13	<!-- ===================================================================== -->
	14	<HR>
	15	<H2><a name="security">Security</a></H2>
	16
	17	<!--X-TOC-Start-->
	18	<ul>
	19	<li><a href="#spam">Can I obscure email addresses?</a></li>
	20	<li><a href="#spam">How can I prevent web access to <tt>.mhonarc.db</tt> files?</a></li>
	21	<li><a href="#htmldata">Why are HTML messages a security risk?</a></li>
	22	<li><a href="#attachments">Why doesn't MHonArc, by default, use the specified filename when saving attachments?</a></li>
	23	</ul>
	24	<!--X-TOC-End-->
	25
	26	<!-- ??????????????????????????????????????????????????????????????? -->
	27	<hr noshade size=1>
	28	<table border=0>
	29	<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
	30	<h3><b><a name="spam">Can I obscure email addresses?</a></b></h3>
	31	</td></tr></table>
	32
	33	<p>See the <b>SPAMMODE</b> resource.
	34	</p>
	35
	36	<!-- ??????????????????????????????????????????????????????????????? -->
	37	<hr noshade size=1>
	38	<table border=0>
	39	<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
	40	<h3><b><a name="spam">How can I prevent web access to <tt>.mhonarc.db</tt> files?</a></b></h3>
	41	</td></tr></table>
	42
	43	<p>MHonArc database files may contain information that you do
	44	not want web users to directly access. The best example is when
	45	your archive is customized to obscure email addresses. However,
	46	in the MHonArc database file, the original, unobscured, addresses
	47	exist.
	48	</p>
	49
	50	<p>Practically, all web servers provide the ability deny access
	51	to files. Refer to your web server's documentation for the specifies.
	52	If you are using the <a href="http://httpd.apache.org/">Apache HTTP server</a>,
	53	the following configuration directive can be used:
	54	</p>
	55	<pre>
	56	<Files .mhonarc.db>
	57	Order allow,deny
	58	Deny from all
	59	</Files>
	60	</pre>
	61	<p>If you have <tt>mod_rewrite</tt> enabled, you could use the following
	62	instead:
	63	</p>
	64	<pre>
65	RewriteRule ^(.*)/.mhonarc.db $1 [R=permanent]
66	</pre>
67	<p>This will redirect browsers to the parent directory, which is
68	the actual archive associated with database file.
69	</p>
70
71	<!-- ??????????????????????????????????????????????????????????????? -->
72	<hr noshade size=1>
73	<table border=0>
74	<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
75	<h3><b><a name="htmldata">Why are HTML messages a security risk?</a></b></h3>
76	</td></tr></table>
77
78	<p>HTML can contain dynamic content, like JavaScript. If an
79	HTML message is blindly archived, you are introducing foreign dynamic
80	content to your web site that you have no control over. The best
81	example of this danger is the problem web-based email sites (e.g.
82	Hotmail) encountered when malicious people were sending HTML messages
83	to web-based email users and the messages contained dynamic content
84	that would popup windows (which had a similiar style of the web-based
85	email hosting provider) requesting sensitive information from
86	users (like passwords).
87	</p>
88
89	<p>The following is a brief list of some of the security issues
90	related to HTML messages:
91	</p>
92	<ul>
93	<li>Can contain foreign dynamic content.
94	</li>
95	<li>Can autoload URLs (via IMG, and similiar, elements) which
96	can be used to collect statistics on unsuspected readers.
97	</li>
98	<li>Contain hidden contents (like server-side include comments)
99	which may be processed by web servers to execute arbitrary
100	programs or extract arbitrary system files.
101	</li>
102	</ul>
103
104	<p>MHonArc's HTML filter (documented under the <b>MIMEFILTERS</b>) resource
105	provides functionality of stripping out HTML data to minimize security
106	exploits. Check the document for full details. The general recommendation
107	for the security conscience is to exclude any HTML message data, especially
108	for publicly accessible archives.
109	</p>
110
111	<!-- ??????????????????????????????????????????????????????????????? -->
112	<hr noshade size=1>
113	<table border=0>
114	<tr valign=top><td><img src="monicon.png" align="bottom" alt=""></td><td>
115	<h3><b><a name="attachments">Why doesn't MHonArc, by default, use the specified filename when saving attachments?</a></b></h3>
116	</td></tr></table>
117
118	<p>A malicious person could send a message with an attachment filename
119	that could overwrite existing content or be interpreted by the web
120	server in some special manner to execute actions. Example: Apache
121	allows for the support for creating <tt>.htaccess</tt> files to allow
122	configuration settings within a directory. If you have this feature
123	enabled and a message containes an attachment with the specified
124	filename <tt>.htaccess</tt> and MHonArc blindly used the attachment
125	filename, the attachment will override any existing <tt>.htaccess</tt>
126	file you created with a version defined by the sender of the message.
127	</p>
128
129	<p>Another possibility is that web servers sometimes interpret
130	filenames with certain extensions as executable content, like
131	<tt>.shtml</tt>, <tt>.cgi</tt>, <tt>.phtml</tt>. If MHonArc used the
132	attachment filename, or even just the attachment filename extension,
133	anyone who can send mail that will be archived on your site can
134	introduce executable content.
135	</p>
136
137	<p>It is because of the above reasons that the
138	<tt><b>m2h_external::filter</b></tt> documented in the <b>MIMEFILTERS</b>
139	resource advises caution when using the filter options that enable
140	the usage of attachment filenames or filename extensions.
141	</p>
142
143	<!-- ===================================================================== -->
144	<hr>
145
146	<!--X-NavButtons-Start-->
147	<p align=center>
148	[<a href="mime.html">Prev</a>][Next][<a href="faq.html">TOC</a>][<a href="http://www.mhonarc.org/">Home</a>]
149	</p>
150	<!--X-NavButtons-End-->
151
152	<HR>
153	<address>
154	$Date: 2002/04/02 06:57:57 $ <br>
155	<img align="top" src="monicon.png" alt="">
156	<a href="http://www.mhonarc.org/"
157	><strong>MHonArc</strong></a><br>
158	Copyright © 2002, <a href="http://www.earlhood.com/"
159	>Earl Hood</a>, <a href="mailto:mhonarc@mhonarc.org"
160	>mhonarc@mhonarc.org</a><br>
161	</address>
162	</BODY>
163	</HTML>