How to secure the SDK


Kaan Soral

Mar 13, 2012, 4:50:01 PM
to google-a...@googlegroups.com
If the SDK is accessible to the outer world, it poses a HUGE security risk

One can simply write a script for "Interactive Console" and steal all your code/data

To prevent this - one may restrict access to Development Console and permit only 127.0.0.1, this can be easily done by modifying the Handlers of the Development Console

Can you guys think of any other security holes?

I've been meaning to ask this for a long time, but at the same time I didn't want to attract anyone to exploit these risks - but here it is anyway

Ronoaldo José de Lana Pereira

Mar 13, 2012, 5:25:15 PM
to google-a...@googlegroups.com
By your assumption that arbitrary code execution will affect your SDK binaries (either Java or Python), I'm assuming that you are using Windows, downloading the SDK binaries from untrusted websites or not running the MD5 checksums. I suggest you do all of these: use Linux, download the code only from Google and never deploy untrusted jars / Python code with your application.

Hope this helps,

-Ronoaldo

Kaan Soral

Mar 13, 2012, 5:27:09 PM
to google-a...@googlegroups.com
I don't think this is related to my question, but thanks anyway

Simon Knott

Mar 14, 2012, 4:42:59 AM
to google-a...@googlegroups.com
Why would your SDK be available to the outside world?  It's a development tool, no different to any development environments - lock it down via the network infrastructure, as you would any other development environment.  If you have production data in your dev environment and it contains sensitive data, then take the normal steps to sanitise it.

Kaan Soral

Mar 14, 2012, 5:48:36 AM
to google-a...@googlegroups.com
Why? - because sometimes you have to work with external systems and they have to work with you - even on the development level

Aidan O'Kelly

Mar 14, 2012, 6:07:23 AM
to google-a...@googlegroups.com
Still should be a network security concern, i.e., set up a secure VPN, or allow limited access to a range of IPs through your firewall.
The Java version of the SDK at least, has a -bindAddress option. Binding to 127.0.0.1 will mean the server will only listen for requests from your machine. (It set itself up like this by default for me)

Anyway, if you run any kind of developer sdk server and allow access to the outside world you are asking for trouble, since they are never written with the intention of being a secure production server. 

--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/kW20c_wtRsMJ.

To post to this group, send email to google-a...@googlegroups.com.
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.

Kaan Soral

Mar 14, 2012, 7:01:48 AM
to google-a...@googlegroups.com
Great idea

What would be an easy solution to permit access for only a range of IPs? Preferably with logging etc. to deny first and allow later.
On Windows and for a network noob - This is probably not the right place for asking this but it would be great if any of you have suggestions
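
An added example, not part of the original thread: a default-deny IP allowlist written as Python WSGI middleware, logging every refused request so ranges can be reviewed and added later. The class name `IPAllowlist`, the logger name and the sample ranges are assumptions made for illustration; it complements, rather than replaces, binding the dev server to 127.0.0.1 or firewalling the port.

```python
import ipaddress
import logging

log = logging.getLogger("devserver.acl")  # hypothetical logger name

# Constructed allowlist: loopback plus one documentation range (RFC 5737)
# standing in for a partner network. Replace with your own ranges.
DEFAULT_ALLOWED = ("127.0.0.0/8", "::1/128", "203.0.113.0/24")


class IPAllowlist:
    """WSGI middleware: refuse every client whose address is not allowlisted."""

    def __init__(self, app, allowed=DEFAULT_ALLOWED):
        self.app = app
        self.networks = [ipaddress.ip_network(n) for n in allowed]

    def is_allowed(self, remote_addr):
        try:
            addr = ipaddress.ip_address(remote_addr)
        except ValueError:
            return False  # missing or malformed address: default deny
        # A dual-stack listener reports IPv4 peers as ::ffff:a.b.c.d;
        # compare those against the IPv4 ranges.
        mapped = getattr(addr, "ipv4_mapped", None)
        if mapped is not None:
            addr = mapped
        return any(addr in net for net in self.networks)

    def __call__(self, environ, start_response):
        # REMOTE_ADDR is the socket peer. X-Forwarded-For is supplied by the
        # client and is deliberately ignored here.
        remote = environ.get("REMOTE_ADDR", "")
        if self.is_allowed(remote):
            return self.app(environ, start_response)
        # Log each denial so legitimate ranges can be identified and added.
        log.warning("denied %r -> %s %s", remote,
                    environ.get("REQUEST_METHOD", "-"),
                    environ.get("PATH_INFO", ""))
        start_response("403 Forbidden", [("Content-Type", "text/plain")])
        return [b"Forbidden\n"]
```

Wrap the WSGI application object with `IPAllowlist(app)` before handing it to the server; the check only sees real client addresses when no proxy sits in front of the dev server.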

Barry Hunter

Mar 14, 2012, 8:39:30 AM
to google-a...@googlegroups.com
Can use the Windows Firewall
http://windows.microsoft.com/en-GB/windows-vista/Open-a-port-in-Windows-Firewall

to open the port - and configure who can access it.

It's probably worth using a non-default port (i.e. not 80) - to make it
harder for people to find. (The dev server allows you to choose a port
at startup.)


Ikai Lan (Google)

Mar 14, 2012, 2:47:22 PM
to google-a...@googlegroups.com
This is a great question for StackOverflow because you'll get a lot more responses if you tag it correctly.

On Linux you have a lot of options. One of the easiest ones is iptables. Well ... "easiest".

PERSONAL OPINION ALERT: I highly recommend learning Linux or working with a *nix system. I find that it's way easier to do software development on that kind of a system than trying to deal with Windows. Not to mention: I've rarely been in a situation using Linux where I've wanted to do some weird networking or security thing and not been able to find at least a half-assed guide somewhere describing how to do it (and, in struggling with said half-assed guide, become slightly better at using Linux myself). IMO there really aren't any good reasons why you can't learn Linux. If you don't want to dual boot, you can always use a tool like VirtualBox and run an Ubuntu ISO. There's no dollar cost.

--
Ikai Lan 
Developer Programs Engineer, Google App Engine


