OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki

PKP Support

Support forums for the Public Knowledge Project

Skip to content


Software Hosting and Development Services available at PKP Publishing Services

As the developers of Open Journal Systems, Open Conference Systems, Open Harvester Systems, and Open Monograph Press, the PKP team are experts in helping journal managers and conference organizers make the most of their online publishing projects. PKP Publishing Services offers support for:

As a customer of PKP Publishing Services, you will not only receive direct, personalized support from the PKP Development Team, but will be contributing to the ongoing development of the PKP applications. All funds raised by PKP Publishing Services go directly toward enhancing our free, open source software. For more information, please contact us.

Security Enhanced Linux and Open Journal Systems

Are you an Editor, Author, or Journal Manager in need of help? Want to talk to us about workflow issues? This is your forum.

Moderators: jmacgreg, michael, John, vgabler

Forum rules
This forum is meant for general questions about the usability of OJS from an everyday user's perspective: journal managers, authors, and editors are welcome to post questions here, as are librarians and other support staff. We welcome general questions about the role of OJS and how the workflow works, as well as specific function- or user-related questions.

What to do if you have general, workflow or usability questions about OJS:

1. Read the documentation. We've written documentation to cover from OJS basics to system administration and code development, and we encourage you to read it.

2. take a look at the tutorials. We will continue to add tutorials covering OJS basics as time goes on.

3. Post a question. Questions are always welcome here, but if it's a technical question you should probably post to the OJS Technical Support subforum; if you have a development question, try the OJS Development subforum.
Post a reply

Security Enhanced Linux and Open Journal Systems

Postby F. Lengyel » Mon Apr 18, 2005 9:22 pm

I've installed OJS 1.1.9 on a Red Hat Enterprise Linux 4 system, which has Security Enhanced Linux enabled. The site is configured as a virtual site (there are others), with virtual sites following the security context specified by the following regular expression, located in /etc/selinux/targeted/context/files/file_contexts (in the apache section):

Code: Select all
/home/[^/]+/((www)|(web)|(public_html))(/.+)? system_u:object_r:httpd_user_content_t


This works, (folliowng the scheme /home/siteusername/www); however, since the OJS working directory should not be WWW accessible, but only accessible to the Apache web server, it is necessary to specify, during the installation, a directory outside of /home/siteusername/www and give it a security context of httpd_sys_content_t (with chcon -t httpd_sys_content_t working_docs_directory). So this means adding a rule to the local securty context of the site, so that a restorecon -v -R /home/siteusername doesn't wipe out this setting.

It's likely that OJS sites will want to adopt the intelligence agency level of security provided by selinux, if this is available. This raises the question of configuring OJS installation security contexts. Setting chmod 777 for directories such as images/custom and images/article images is less than optimal.

Is anyone else concerned with OJS under selinux?

-FL
F. Lengyel
 
Posts: 1
Joined: Mon Apr 18, 2005 8:54 pm
Location: CUNY Graduate Center, New York
Top

File and Folder permissions

Postby ramon » Tue Apr 19, 2005 10:49 am

F. Lengyel,


The submission files, images/custom, and images/articleimages/ need a 775 permission, not 777. The important thing is that the owner of the system folder should be in the apache group.

I'm not Linux savvy enough to discuss the security implementations, but I don't believe they will be a problem...
Ramón Martins S. da Fonseca
Analista em C&T
Coordenação de Desenvolvimento de Sistemas / Ibict / MCT
ramon
 
Posts: 905
Joined: Wed Oct 15, 2003 6:15 am
Location: Brasí­lia/DF - Brasil
Top
Post a reply

Return to OJS Editorial Support and Discussion

Who is online

Users browsing this forum: No registered users and 3 guests

Powered by phpBB® Forum Software © phpBB Group