BugsSite/docs/html/security.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML
><HEAD
><TITLE
>Bugzilla Security</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 2.20.1 
    Release"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="Upgrading to New Releases"
HREF="upgrading.html"><LINK
REL="NEXT"
TITLE="Operating System"
HREF="security-os.html"></HEAD
><BODY
CLASS="chapter"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 2.20.1 
    Release</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="upgrading.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="security-os.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="chapter"
><H1
><A
NAME="security"
></A
>Chapter 4. Bugzilla Security</H1
><DIV
CLASS="TOC"
><DL
><DT
><B
>Table of Contents</B
></DT
><DT
>4.1. <A
HREF="security-os.html"
>Operating System</A
></DT
><DD
><DL
><DT
>4.1.1. <A
HREF="security-os.html#security-os-ports"
>TCP/IP Ports</A
></DT
><DT
>4.1.2. <A
HREF="security-os.html#security-os-accounts"
>System User Accounts</A
></DT
><DT
>4.1.3. <A
HREF="security-os.html#security-os-chroot"
>The <TT
CLASS="filename"
>chroot</TT
> Jail</A
></DT
></DL
></DD
><DT
>4.2. <A
HREF="security-mysql.html"
>MySQL</A
></DT
><DD
><DL
><DT
>4.2.1. <A
HREF="security-mysql.html#security-mysql-account"
>The MySQL System Account</A
></DT
><DT
>4.2.2. <A
HREF="security-mysql.html#security-mysql-root"
>The MySQL <SPAN
CLASS="QUOTE"
>"root"</SPAN
> and <SPAN
CLASS="QUOTE"
>"anonymous"</SPAN
> Users</A
></DT
><DT
>4.2.3. <A
HREF="security-mysql.html#security-mysql-network"
>Network Access</A
></DT
></DL
></DD
><DT
>4.3. <A
HREF="security-webserver.html"
>Webserver</A
></DT
><DD
><DL
><DT
>4.3.1. <A
HREF="security-webserver.html#security-webserver-access"
>Disabling Remote Access to Bugzilla Configuration Files</A
></DT
><DT
>4.3.2. <A
HREF="security-webserver.html#security-webserver-mod-throttle"
>Using <TT
CLASS="filename"
>mod_throttle</TT
> to Prevent a DOS</A
></DT
></DL
></DD
><DT
>4.4. <A
HREF="security-bugzilla.html"
>Bugzilla</A
></DT
></DL
></DIV
><P
>While some of the items in this chapter are related to the operating
  system Bugzilla is running on or some of the support software required to
  run Bugzilla, it is all related to protecting your data. This is not
  intended to be a comprehensive guide to securing Linux, Apache, MySQL, or
  any other piece of software mentioned. There is no substitute for active
  administration and monitoring of a machine. The key to good security is
  actually right in the middle of the word: <EM
>U R It</EM
>.
  </P
><P
>While programmers in general always strive to write secure code,
  accidents can and do happen. The best approach to security is to always
  assume that the program you are working with isn't 100% secure and restrict
  its access to other parts of your machine as much as possible.
  </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="upgrading.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="security-os.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Upgrading to New Releases</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
>&nbsp;</TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Operating System</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>