Especially for web services, it would be great if there were a mode that works as securely as sensible by default, and can be easily enabled, for example via an option such as `--hardened` in the HTTP Unix daemon. At the cost of making development somewhat harder (if enabled), such a mode would reveal less information to attackers.
Configuration options that could be affected by such a mode come to mind immediately, especially after the discussion in SWI-Prolog/plweb#23:
- obsolete protocols should be reliably disabled in this mode, without weakening security if users themselves have already chosen more secure settings.
- backtraces that may expose sensitive data (such as login names, paths etc.) must be disabled.
- anything else?