Changes between Version 11 and Version 12 of Download


Timestamp: Dec 22, 2015 2:35:50 PM (21 months ago)
Author: pbaumann
Comment:

--

  • Download

    v11 v12  
    3939
    4040A complete VM, also including all [http://www.osgeo.org OSGeo] certified tools, is available for download at [http://live.osgeo.org/en/download.html live.osgeo.org].
     41Be aware that this installation relies on the OSGeo release cycle and, therefore, will usually not reflect the latest software state.
    4142
    42 This relies on the OSGeo release cycle and, therefore, will usually not reflect the latest software state.
     43== Security ==
     44
     45There are several security measures available, which should be considered seriously. Among them are the access right mechanisms found in Tomcat, web server, rasdaman, and PostgreSQL. We highly recommend to make use of these.
     46
     47For Tomcat, Web server, and PostgreSQL we refer to the pertaining documentation.
     48For rasdaman, we recommend to change the default user passwords in rasdaman (rasguest/rasguest for read-only access, rasadmin/rasadmin for read-write and administrator access) to not run into the Oracle "Scott/tiger" trap. Even better, add separate, private users. For all these actions, the `rascontrol` utility is your friend (cf. [browser:manuals_and_examples/manuals/doc-guides/inst-guide.pdf installation guide]).
     49Along the same line we recommend to configure petascope access to rasdaman using a read-only login which is different from the default one provided in the `petascope.properties` file.
     50
     51The servlet is safe against SQL injection attacks - we are not aware of any means for the user to send custom queries to the PostgreSQL server or the rasdaman server.
     52XSRF and XSS represent no danger to the service because there is no user generated content available.
     53The service doesn't use cookies.
     54
     55
    4356
    4457== Next Steps ==
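
Review bot: The assurances on new lines 51 and 52 are stated more strongly than their own reasoning supports. On line 51, "we are not aware of any means" describes an absence of known vectors, not a property of the servlet, so "safe against SQL injection" should either name the mechanism that prevents it or be reworded to say that no injection path is known. On line 52, "no user generated content" only addresses stored XSS: reflected XSS needs nothing more than a request parameter echoed into a response, and exposure to cross-site request forgery depends on whether the browser attaches credentials automatically, which is not limited to cookies (HTTP authentication configured through the Tomcat or web server access rights recommended on line 45 is also sent automatically). Suggest qualifying line 52 accordingly, and stating on line 53 that the absence of cookies does not by itself rule out XSRF once such authentication is enabled. Separately, line 49 would be easier to act on if it said which entries in `petascope.properties` hold the default login.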