| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| <HTML |
| ><HEAD |
| ><TITLE |
| >Bugzilla Security</TITLE |
| ><META |
| NAME="GENERATOR" |
| CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK |
| REL="HOME" |
| TITLE="The Bugzilla Guide - 2.20.1 |
| Release" |
| HREF="index.html"><LINK |
| REL="PREVIOUS" |
| TITLE="Upgrading to New Releases" |
| HREF="upgrading.html"><LINK |
| REL="NEXT" |
| TITLE="Operating System" |
| HREF="security-os.html"></HEAD |
| ><BODY |
| CLASS="chapter" |
| BGCOLOR="#FFFFFF" |
| TEXT="#000000" |
| LINK="#0000FF" |
| VLINK="#840084" |
| ALINK="#0000FF" |
| ><DIV |
| CLASS="NAVHEADER" |
| ><TABLE |
| SUMMARY="Header navigation table" |
| WIDTH="100%" |
| BORDER="0" |
| CELLPADDING="0" |
| CELLSPACING="0" |
| ><TR |
| ><TH |
| COLSPAN="3" |
| ALIGN="center" |
| >The Bugzilla Guide - 2.20.1 |
| Release</TH |
| ></TR |
| ><TR |
| ><TD |
| WIDTH="10%" |
| ALIGN="left" |
| VALIGN="bottom" |
| ><A |
| HREF="upgrading.html" |
| ACCESSKEY="P" |
| >Prev</A |
| ></TD |
| ><TD |
| WIDTH="80%" |
| ALIGN="center" |
| VALIGN="bottom" |
| ></TD |
| ><TD |
| WIDTH="10%" |
| ALIGN="right" |
| VALIGN="bottom" |
| ><A |
| HREF="security-os.html" |
| ACCESSKEY="N" |
| >Next</A |
| ></TD |
| ></TR |
| ></TABLE |
| ><HR |
| ALIGN="LEFT" |
| WIDTH="100%"></DIV |
| ><DIV |
| CLASS="chapter" |
| ><H1 |
| ><A |
| NAME="security" |
| ></A |
| >Chapter 4. Bugzilla Security</H1 |
| ><DIV |
| CLASS="TOC" |
| ><DL |
| ><DT |
| ><B |
| >Table of Contents</B |
| ></DT |
| ><DT |
| >4.1. <A |
| HREF="security-os.html" |
| >Operating System</A |
| ></DT |
| ><DD |
| ><DL |
| ><DT |
| >4.1.1. <A |
| HREF="security-os.html#security-os-ports" |
| >TCP/IP Ports</A |
| ></DT |
| ><DT |
| >4.1.2. <A |
| HREF="security-os.html#security-os-accounts" |
| >System User Accounts</A |
| ></DT |
| ><DT |
| >4.1.3. <A |
| HREF="security-os.html#security-os-chroot" |
| >The <TT |
| CLASS="filename" |
| >chroot</TT |
| > Jail</A |
| ></DT |
| ></DL |
| ></DD |
| ><DT |
| >4.2. <A |
| HREF="security-mysql.html" |
| >MySQL</A |
| ></DT |
| ><DD |
| ><DL |
| ><DT |
| >4.2.1. <A |
| HREF="security-mysql.html#security-mysql-account" |
| >The MySQL System Account</A |
| ></DT |
| ><DT |
| >4.2.2. <A |
| HREF="security-mysql.html#security-mysql-root" |
| >The MySQL <SPAN |
| CLASS="QUOTE" |
| >"root"</SPAN |
| > and <SPAN |
| CLASS="QUOTE" |
| >"anonymous"</SPAN |
| > Users</A |
| ></DT |
| ><DT |
| >4.2.3. <A |
| HREF="security-mysql.html#security-mysql-network" |
| >Network Access</A |
| ></DT |
| ></DL |
| ></DD |
| ><DT |
| >4.3. <A |
| HREF="security-webserver.html" |
| >Webserver</A |
| ></DT |
| ><DD |
| ><DL |
| ><DT |
| >4.3.1. <A |
| HREF="security-webserver.html#security-webserver-access" |
| >Disabling Remote Access to Bugzilla Configuration Files</A |
| ></DT |
| ><DT |
| >4.3.2. <A |
| HREF="security-webserver.html#security-webserver-mod-throttle" |
| >Using <TT |
| CLASS="filename" |
| >mod_throttle</TT |
| > to Prevent a DOS</A |
| ></DT |
| ></DL |
| ></DD |
| ><DT |
| >4.4. <A |
| HREF="security-bugzilla.html" |
| >Bugzilla</A |
| ></DT |
| ></DL |
| ></DIV |
| ><P |
| >While some of the items in this chapter are related to the operating |
| system Bugzilla is running on or some of the support software required to |
| run Bugzilla, it is all related to protecting your data. This is not |
| intended to be a comprehensive guide to securing Linux, Apache, MySQL, or |
| any other piece of software mentioned. There is no substitute for active |
| administration and monitoring of a machine. The key to good security is |
| actually right in the middle of the word: <EM |
| >U R It</EM |
| >. |
| </P |
| ><P |
| >While programmers in general always strive to write secure code, |
| accidents can and do happen. The best approach to security is to always |
| assume that the program you are working with isn't 100% secure and restrict |
| its access to other parts of your machine as much as possible. |
| </P |
| ></DIV |
| ><DIV |
| CLASS="NAVFOOTER" |
| ><HR |
| ALIGN="LEFT" |
| WIDTH="100%"><TABLE |
| SUMMARY="Footer navigation table" |
| WIDTH="100%" |
| BORDER="0" |
| CELLPADDING="0" |
| CELLSPACING="0" |
| ><TR |
| ><TD |
| WIDTH="33%" |
| ALIGN="left" |
| VALIGN="top" |
| ><A |
| HREF="upgrading.html" |
| ACCESSKEY="P" |
| >Prev</A |
| ></TD |
| ><TD |
| WIDTH="34%" |
| ALIGN="center" |
| VALIGN="top" |
| ><A |
| HREF="index.html" |
| ACCESSKEY="H" |
| >Home</A |
| ></TD |
| ><TD |
| WIDTH="33%" |
| ALIGN="right" |
| VALIGN="top" |
| ><A |
| HREF="security-os.html" |
| ACCESSKEY="N" |
| >Next</A |
| ></TD |
| ></TR |
| ><TR |
| ><TD |
| WIDTH="33%" |
| ALIGN="left" |
| VALIGN="top" |
| >Upgrading to New Releases</TD |
| ><TD |
| WIDTH="34%" |
| ALIGN="center" |
| VALIGN="top" |
| > </TD |
| ><TD |
| WIDTH="33%" |
| ALIGN="right" |
| VALIGN="top" |
| >Operating System</TD |
| ></TR |
| ></TABLE |
| ></DIV |
| ></BODY |
| ></HTML |
| > |