|
Pages: [1]
|
 |
|
Author
|
Topic: Rootschat webspace security 'problem' (not) (Read 981 times)
|
canberra_act
RootsChat Extra
 Offline
Posts: 76
Only 10 people understand binary....
|
Moderator comment: This topic is has been brought to the attention of Rootschat Admin, who will be addressing it as soon as they are able.
Like many of you, I took up the generous offer of some free RootsChat webspace. I logged in, entered my user name and password, and put up a copy of PhpGedView. Then I uploaded a GEDCOM, and password protected that as well.
To my great concern, I found that anyone - anyone! - could simply go to my space and download anything they want. To demonstrate this, try http://calder.rootschat.net/xxx.txt and you will pluck a file from my webspace. If it works in my webspace, it will probably work in yours.
So I have had to remove GEDCOMs, because anyone could help themselves to my files. I have other webspace on other servers, and this sort of thing is impossible with them.
Please, Mr RootsChat, you have quite adequate security for uploads, can we please have reasonable security for the material we trust you with?
Paul
Australia
Moderator Comment:Thread title altered to better reflect concerns raised. Falkyrn
|
|
|
|
« Last Edit: Saturday 02 December 06 08:28 GMT (UK) by trystan »
|
Logged
|
Pond : Burt : Rowett in southern England
|
|
|
trystan
Moderator
RootsChat Aristocrat
Offline
Posts: 1777
One of the RootsChat Caretakers
|
This is not a security problem, it's how the internet works.
All files on webspaces are viewable to all internet users if they know the addresses (files names and path) of them.
The exceptions are file names which are 'processed' (or 'parsed') by the server. These 'parsed' files are generally ones that have dynamic effects. A good example of this is files ending in '.php'. The seever recognizes '.php' files then says to itself 'I have to do something with this file before showing it' - so in the case of php files it runs it through the php interpreter then show the results of the what the file does and not the file itself.
Another example is a file that begins with a dot '.' (or 'full stop', or 'period') - in which case the server won't show it at all.
Now keep in mind that filename that begins wit a dot. This is pretty good. You can secretly hide away whole directories of files in the server space. A quick easy way to do this is to have a '.htaccess' file with a '.htpasswd' associated with it. A few short lines and a password kept in the '.htpasswd'. If you try to access a space protected like that, then you'd be greeted with a little pop-up username and password box.
Data in databases are hidden just by the way 'php' files written themselves. That's why on occasion if the programmer hasn't been too careful, things can go a bit wrong. But we're talking data here, and not files. Data in (mysql) databases are also protected from other users using username and password combinations, so things go tickety boo quite well for data security.
Anyhow, I'm getting sidetracked here, sorry! So let's say you put a file called 'mysecret.txt' on your webspace. Would I be able to see it? Well quite possibly I may not be able to just because unless you tell me what it's called, and where to find it then I would just have to guess that it was called 'mysecret.txt'. If however you put a link to it, then yes the whole world would be able to see 'mysecret.txt'.
Now, here comes the bottom line though. Your RootsChat webspace is there to provide a service to the whole genealogy community.
You could hide details of living people, as long as that data was in the 'mysql' database which a package like 'phpgedcom' was looking after for you on the RootsChat webspace. If however a program like phpGedcom was relying on using things like '.htaccess' to hide things then you'd be out of luck because that file is not accessible to our users.
That particular file looks after nice things like the amount of space allocated to you and the bandwidth that you have used up amongst other things. Item 10 of the 'Terms of Service' also says "You may not password protect any link provided on any of your pages located on the RootsChat Webspace server". That basically is to stop people password protecting files that could have obscene or objectionable content - you have to bear in mind that all sorts of people try and sign up for the free webspace. When we see a password protected part of phpGedcom then we see that as fine (but if the whole of phpGedcom password protected then we would see the site as 'data warehousing'). Also, other bits that can of course be password protected are 'admin' areas for managing your site.
So like I said, this is not a security problem, it's how the internet works. In summary then, all files on all webservers are viewable unless they are 'special' (parsed) files, or ones protected by other mechanisms.
|
|
|
|
|
Logged
|
Send RootsChat a postcard: RootsChat.com, Europa House, Barcroft Street, Bury, Lancashire, BL9 5BT Admin Tip: Forgotten your Username or Password and would like to reply to one of these messages? CLICK HERE to get a reminder.
AOL Users: You may need to 'cut and paste' any links you get in emails for them to work.
|
|
|
falcybe
RootsChat Member
Offline
Posts: 114
Census information Crown Copyright, from www.nationalarchives.gov.uk
|
Probably not a security problem as ID theft would probably be very difficult with the info put up on a tree but some people don’t like being seen.
Example 1
http://membres.lycos.fr/haydencowan/phpgedview/index/HaydenCowan.ged
The website declined to show this webpage
Even logged in, the website declined to show this webpage and the only access to it is through an ftp, or PGV of course 
http://membres.lycos.fr/haydencowan/phpgedview/index.php
Welcome to Your Genealogy
24 November 2006 - 10:38:32pm
The genealogy information on this website is powered by PhpGedView 3.3.8. This page provides an introduction and overview to this genealogy.
If I click on a private name then a pop-up says “details on this person are private... you may contact...”
_____________________________________________________________
Example 2
http://arthurfhayden.rootschat.net/phpview/index/howard-hidden.ged
Gives me a pop-up asking me if I want to open or save the file and if I click on save then that is what happens.
http://arthurfhayden.rootschat.net/phpview/index.php
Welcome to Your Genealogy
22 November 2006 - 10:52:38pm
The genealogy information on this website is powered by PhpGedView 4.0.2. This page provides an introduction and overview to this genealogy.
If I click on a private name then a pop-up says “details on this person are private... you may contact...” - Or I can download the gedcom without telling anyone
__________________________________________________________________
I appreciate what you are saying, Trystan, and couldn’t agree more, in general. Perhaps what Paul and I have been saying was badly explained which is why I have posted these two examples to try and show what we mean. You can see the great difference is the saving of the gedcom itself. One site says push off, very politely, RC says here you are equally politely. I don’t know how it is done but know it wasn’t pushed up a level.
You wrote in your explanation (and there is quite a paragraph on security in the installation guide.)
Data in databases are hidden just by the way 'php' files written themselves. That's why on occasion if the programmer hasn't been too careful, things can go a bit wrong. But we're talking data here, and not files. Data in (mysql) databases are also protected from other users using username and password combinations, so things go tickety boo quite well for data security.
http://wiki.phpgedview.net/en/index.php/Talk:Installation_Guide#Security_and_good_manners
Even though PhpGedView gives you the ability to hide the details of living individuals, whenever you post the personal details of living individuals on the Internet, you should first obtain the permission of EACH living person you plan to include. There are many people who would not even want their name linked with their family history made public on the Internet and their wishes should be respected and honored. Most family history programs allow you to choose the people who are exported when you create your GEDCOM file. The most secure option is to deselect all living people in your genealogy program when you export your genealogical data to a GEDCOM file We thought that our data was protected in this way and until my sister’s brother-in-law showed me, I was ignorant of being able to download. With the gedcom.ged being accessible in Rootschat the database protection is pointless and that is what rang alarm bells with us.
However, this is your site and if you want to run it your way I have no problem at all with that. I’m not leaving because I like it here and since I discovered my geds are not protected I make a special tree with the living not even put on Rootschat.
There are, however, (to quote Little Nell) people who are not quite computer literate and they may not be looking in this sort of thread and they may have read the installation guide and thought they had their rellies secret. So, if you are keeping your style could I perhaps suggest that all new arrivals and all existing RootsChatters with PGV trees already up be informed that their geds can be downloaded in case they want to change their geds; I have seen the private info on one other tree just to prove it wasn’t only my ged which was freely available. Just a thought, shoot me down in flames if I’m out of sync.
All the best and thanks for a lovely site and forum
falcybe
|
|
|
|
|
Logged
|
Hayden Cowan Weir Jowett Barclay Howard Gooch Joiner Rayner Ash Travers Coltman Samuel Falconer Lacey Croton Clarke Robinson Alden Burroughs Ford Lusty
Click on the globe to go to our site
|
|
|
trystan
Moderator
RootsChat Aristocrat
Offline
Posts: 1777
One of the RootsChat Caretakers
|
Like I said, if you upload a .ged file to a webserver and if it's not protected from viewing in some manner then it will be viewable.
I can set it so that no '.ged' files are viewable across the whole server, that's easy, but then it means that those people who want to allow others to download their file will not be able to. So by pleasing one set of people one is upsetting another group.
What should happen (and others have touched on this) is upload the .ged file to phpGedview, let it import the data, then remove the .ged file.
|
|
|
|
|
Logged
|
Send RootsChat a postcard: RootsChat.com, Europa House, Barcroft Street, Bury, Lancashire, BL9 5BT Admin Tip: Forgotten your Username or Password and would like to reply to one of these messages? CLICK HERE to get a reminder.
AOL Users: You may need to 'cut and paste' any links you get in emails for them to work.
|
|
|
|
|
|
Pages: [1]
|
|
|
|
|
