File:
[LON-CAPA] /
capa /
capa51 /
READMEsecurity.txt
Revision
1.1:
download - view:
text,
annotated -
select for diffs
Mon Aug 7 21:06:32 2000 UTC (23 years, 9 months ago) by
albertel
Branches:
MAIN
CVS tags:
version_2_9_X,
version_2_9_99_0,
version_2_9_1,
version_2_9_0,
version_2_8_X,
version_2_8_99_1,
version_2_8_99_0,
version_2_8_2,
version_2_8_1,
version_2_8_0,
version_2_7_X,
version_2_7_99_1,
version_2_7_99_0,
version_2_7_1,
version_2_7_0,
version_2_6_X,
version_2_6_99_1,
version_2_6_99_0,
version_2_6_3,
version_2_6_2,
version_2_6_1,
version_2_6_0,
version_2_5_X,
version_2_5_99_1,
version_2_5_99_0,
version_2_5_2,
version_2_5_1,
version_2_5_0,
version_2_4_X,
version_2_4_99_0,
version_2_4_2,
version_2_4_1,
version_2_4_0,
version_2_3_X,
version_2_3_99_0,
version_2_3_2,
version_2_3_1,
version_2_3_0,
version_2_2_X,
version_2_2_99_1,
version_2_2_99_0,
version_2_2_2,
version_2_2_1,
version_2_2_0,
version_2_1_X,
version_2_1_99_3,
version_2_1_99_2,
version_2_1_99_1,
version_2_1_99_0,
version_2_1_3,
version_2_1_2,
version_2_1_1,
version_2_1_0,
version_2_12_X,
version_2_11_X,
version_2_11_4_uiuc,
version_2_11_4_msu,
version_2_11_4,
version_2_11_3_uiuc,
version_2_11_3_msu,
version_2_11_3,
version_2_11_2_uiuc,
version_2_11_2_msu,
version_2_11_2_educog,
version_2_11_2,
version_2_11_1,
version_2_11_0_RC3,
version_2_11_0_RC2,
version_2_11_0_RC1,
version_2_11_0,
version_2_10_X,
version_2_10_1,
version_2_10_0_RC2,
version_2_10_0_RC1,
version_2_10_0,
version_2_0_X,
version_2_0_99_1,
version_2_0_2,
version_2_0_1,
version_2_0_0,
version_1_99_3,
version_1_99_2,
version_1_99_1_tmcc,
version_1_99_1,
version_1_99_0_tmcc,
version_1_99_0,
version_1_3_X,
version_1_3_3,
version_1_3_2,
version_1_3_1,
version_1_3_0,
version_1_2_X,
version_1_2_99_1,
version_1_2_99_0,
version_1_2_1,
version_1_2_0,
version_1_1_X,
version_1_1_99_5,
version_1_1_99_4,
version_1_1_99_3,
version_1_1_99_2,
version_1_1_99_1,
version_1_1_99_0,
version_1_1_3,
version_1_1_2,
version_1_1_1,
version_1_1_0,
version_1_0_99_3,
version_1_0_99_2,
version_1_0_99_1,
version_1_0_99,
version_1_0_3,
version_1_0_2,
version_1_0_1,
version_1_0_0,
version_0_99_5,
version_0_99_4,
version_0_99_3,
version_0_99_2,
version_0_99_1,
version_0_99_0,
version_0_6_2,
version_0_6,
version_0_5_1,
version_0_5,
version_0_4,
stable_2002_spring,
stable_2002_july,
stable_2002_april,
stable_2001_fall,
release_5-1-3,
loncapaMITrelate_1,
language_hyphenation_merge,
language_hyphenation,
conference_2003,
bz6209-base,
bz6209,
STABLE,
HEAD,
GCI_3,
GCI_2,
GCI_1,
CAPA_5-1-6,
CAPA_5-1-5,
CAPA_5-1-4_RC1,
BZ4492-merge,
BZ4492-feature_horizontal_radioresponse,
BZ4492-feature_Support_horizontal_radioresponse,
BZ4492-Support_horizontal_radioresponse
- other readmes
1:
2:
3:
4: CAPA SECURITY
5:
6:
7: Please follow the instructions as they are given in the README.txt (UPGRADE.txt)
8: file. There are security reasons why CAPA is installed the way that it is.
9:
10: 1.) Protecting your problem code.
11: The README.txt file directs you to create a demolibrary folder
12: which contains symbolic links to the CAPA problem Graphics and
13: Links. Later, you are directed to make an alias for /demolibrary
14: for the web server using Public/demolibrary. The reason for this
15: is that the webserver is only allowed to see the Graphics and Links.
16: If you point your browser to http://your.machine/demolibrary/ you
17: can access the Graphics and Links without going through any CAPA
18: security. If the webserver is aliased to the real demolibrary
19: instead of the Public/demolibrary, anyone (including your students)
20: can access the problem code. This is highly undesirable and can
21: potentially render your CAPA problems useless. For example, someone
22: with your problem code could build their own set with their own
23: CAPA software and generate answers for himself/herself and countless
24: others.
25:
26: Protecting your problems has become particularly important now
27: that CAPA has become free software. If you add any other libraries
28: to your system, they also MUST have a Public version of the library
29: for the webserver can use. The CAPA problems (including the
30: demolibrary) are copyrighted by the author, institution, etc. and
31: can NOT be freely distributed.
32:
33: To check if your CAPA libraries are properly installed, point your
34: browser to http://your.machine/CAPAlibrary/. You should only be able
35: to see the Graphics and Links directories. If your webserver is not
36: set up for indexing (i.e. you cannot see the directories in your web
37: browser), you can try accessing a problem code file from the web by
38: pointing your browser to
39: http://your.machine/CAPAlibrary/problem-type/problemCode.txt
40: If you can access such a file, then you need to make a Public version
41: of your library and alias this version in your webserver's srm.conf
42: file.
43:
44: 2.) Protecting Web Access
45: If you follow the steps above to protect your libraries, then the
46: rest of your CAPA code (set.qz files, etc.) are protected by the
47: capasbin program which has built in security.
48:
49: 3.) Protecting Telnet Access
50: If you use the telnet interface, security is controlled by the
51: capalogin shell. You should always test out your classes as soon
52: as you install them to make certain that your class "user" (nsc131s0
53: for example) uses the capalogin shell. This is very important
54: because the "user" (nsc131s0) is set up to log in without a password.
55:
56:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to READMEsecurity.txt CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / capa / capa51