[SAC] Re: [OSGeo] #79: possible SVN corruption in MapGuide vault?
OSGeo
trac_osgeo at osgeo.org
Mon Mar 19 21:49:48 EDT 2007
#79: possible SVN corruption in MapGuide vault?
-----------------------------+----------------------------------------------
Reporter: waltweltonlair | Owner: sac at lists.osgeo.org
Type: task | Status: closed
Priority: major | Component: SAC
Resolution: invalid | Keywords:
-----------------------------+----------------------------------------------
Changes (by jbirch):
* status: reopened => closed
* resolution: => invalid
Comment:
Walt,
The problem is that your security system is getting tripped because the
SVN commit signature looks the same as the security issue that is
indicated in that alert.
There's nothing that can be done on the OSGeo server to prevent your IPS
from seeing an SVN commit of a JSP file followed by N bytes as this
vulnerability.
At this point I think your options are to get your IT department to drop
the rule, to create a special policy just for your workstation (if this is
possible with your software), or to continue using Linux to commit JSP
files.
I had the same thing happen to me with our CheckPoint SPI firewall last
year. It wouldn't allow me to view MapBender maps because they contained
too many characters in an image tag (the WMS string). Eventually, my tech
support guys made a special rule for me, and then once they were happy
that all of the workstations had been patched against that particular
vulnerability they turned it off altogether.
--
Ticket URL: <http://trac.osgeo.org/osgeo/ticket/79#comment:4>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.
More information about the Sac
mailing list