 |
 |
|
|
|
|
The public interface policy defines
restrictions on facilities that software packages can provide via a
public interface, such as a public terminal, remote access or via the
world wide web. This policy covers systems such as information
systems, issue tracking systems, online databases, and bulletin board
software and other systems that provide such interfaces.
It is policy that software that is used for interfacing with the general public via mechanisms such a public terminal, remote access or via the world wide web does not provide configuration options via the public interface that enable a user to access resources outside of the scope of the package.
A package that provides access to a database, should be limited to providing information within that database. If the administrative password is compromised, the scope for damage should be limited to the database itself and a compromised administrative account must not be capable of accessing or damaging resources outside of the database container.
The configuration options that are available via the public interface should not enable a user to be able to cause execution of shell commands.
Configurations that cause execution of external programs directly or
via the shell, should not be made via the public interface. Instead
such configurations should be made available locally to the system
administrators via configuration files.