Forum OpenACS Q&A: Re: Status of OpenACS

3: Re: Status of OpenACS (response to 2)
Posted by Michal Majchrzak on
What about security? Is it a good idea to use OpenACS for e-commerce applications?
4: Re: Status of OpenACS (response to 3)
Posted by Gustaf Neumann on
OpenACS is quite good in security regards. We are e.g. running busy and largish sites (e.g. at our university, up to 20.000 users active per day, another site for all high schools in Austria) and we are required to make external security audits. It certainly depends on what packages are used, and what local configurations and modifications are applied, but the main infrastructure is very good. Maybe it helps a little that OpenACS is not so much in the mainstream.
Posted by Frank Bergmann on
Hi,

I'm the founder of ]project-open[. I'd say that OpenACS is still the most secure Web platform I've ever seen (could be interesting to hear if somebody has seen better stuff recently...).

The main difference to other packages is "security by design" that alleviates the responsibility of the developer. There are several innovative solutions as part of OpenACS/]po[ that I haven't seen anywhere else:

- "Colon Variables" (check Google: "openacs colon variable") basically get rid of SQL injection issues without overhead for developers.

- "Page Contracts" separate between the "hostile Internet environment" with all the bad people living there and the protected TCL environment of the source code.

- In ]po[ we've developed and deployed intrusion detection "traps" or "sensors" in different parts of the system.

- Again in ]po[ we have developed an "Automatic Software Update Service" (like Windows Update) to keep installations up to date and to warn of known security issues. However, we are slow with adding security warnings at the moment.

- The OpenACS role-based permission system is top notch. The difference to other systems is "inheritance" with respect to groups (-> sub-groups), objects (-> sub-objects) and privileges (-> sub-privileges) (a privilege is a kind of "transaction" in SAP-speak).

- AJAX security: A centralized ]po[ REST API with built-in permissions eliminates data leaks that usually appear in all these ad-hoc data-sources that developers tend to write on the server-side to provide their mobile or AJAX applications with data.

The security features in the OpenACS registration, cookie and session management are sound and were innovative at their time, but that's pretty much standard now if you use a mature framework.

Somebody with additional security features of OpenACS? There were some articles in the German-language iX magazine about Web security, maybe we could extend this collection into a full-blown article?

Cheers,
Frank
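
An added example, not part of the post above and not OpenACS or ]project-open[ code: it models the two ideas from the list, a contract checked at the request boundary and colon-style bind variables, in Python with sqlite3. The table, the contract and all function names are hypothetical, and the data is constructed.

```python
import re
import sqlite3

# Hypothetical contract for one page: parameter name -> (pattern, required).
# It models the idea of a page contract; it is not OpenACS's own API.
ORDER_PAGE_CONTRACT = {
    "customer": (re.compile(r"[A-Za-z0-9_]{1,32}"), True),
    "limit": (re.compile(r"[0-9]{1,3}"), False),
}

def apply_contract(contract, raw_params):
    """Return validated params; reject unknown, missing or malformed input."""
    unknown = set(raw_params) - set(contract)
    if unknown:
        raise ValueError(f"unexpected parameter(s): {sorted(unknown)}")
    clean = {}
    for name, (pattern, required) in contract.items():
        value = raw_params.get(name)
        if value is None:
            if required:
                raise ValueError(f"missing parameter: {name}")
            continue
        if not pattern.fullmatch(value):
            raise ValueError(f"malformed parameter: {name}")
        clean[name] = value
    return clean

def make_db():
    """Constructed sample data in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.execute("create table orders (id integer primary key, customer text)")
    db.executemany("insert into orders (customer) values (:c)",
                   [{"c": "alice"}, {"c": "bob"}])
    return db

def orders_interpolated(db, customer):
    """Weak form: the request value becomes part of the SQL text."""
    sql = f"select id from orders where customer = '{customer}'"
    return db.execute(sql).fetchall()

def orders_bound(db, customer, limit=50):
    """Bind-variable form: :customer and :limit travel as data, not SQL."""
    sql = "select id from orders where customer = :customer order by id limit :limit"
    return db.execute(sql, {"customer": customer, "limit": limit}).fetchall()

def order_page(db, raw_params):
    """Page handler: contract first, then only bound queries."""
    params = apply_contract(ORDER_PAGE_CONTRACT, raw_params)
    return orders_bound(db, params["customer"], int(params.get("limit", "50")))
```

The interpolated query returns every row for a value containing a quote, the bound query returns none, and the contract rejects that value before any SQL runs.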