Best practices for configuring Fisheye security

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

The best way to harden a system is to look at each of the involved systems individually. Contact your company's security officer or department to find out what security policies you should be using. There are many things to consider, such as the configuration of your underlying operating systems, application servers, database servers, network, firewall, routers, etc. It would be impractical to outline all of them here.

このページでは、優れたセキュリティ プラクティスに関するガイドラインを、当社が把握する範囲ですべてご紹介します。

Configuring the web server

以下のシステム管理者向けのマニュアルを参照してください。

Configuring the application server

See the following system administrator guide for general hints at the application server level (Fisheye uses Jetty, but the principles described here still apply):

Configuring the application

The way you set up Fisheye roles, permissions and processes makes a big difference in the security of your Fisheye site.

Below are some more Fisheye-specific items to consider. None of these provides 100% security. They are measures to reduce impact and to slow down an intruder in case your system does become compromised.

  • Restrict the number of users with powerful roles or group memberships. If only one department should have access to particularly sensitive data, then do restrict access to the data to those users. Do not let convenience over-rule security. Do not give all staff access to sensitive data when there is no need.
  • 従業員が退社する場合の手順を文書化して整備します。
  • 定期的にセキュリティ監査を実行します。セキュリティ侵害が発生した場合に支援できる人を確認しておきます。「もしもの場合​​」を想定した計画演習を実行します。(「ユーザーの休暇中に特権パスワードが盗まれた場合、起こりうる最悪の事態は何か。被害を最小限に抑えるために何ができるか」など)。
  • Make sure the Fisheye database user (and all datasource database users) only has the amount of database privileges it really needs.
  • バイナリを監視します。攻撃者がシステムの 1 つアカウントに不正アクセスする場合、通常、他のアカウントにもアクセスしようとするものです。これを目的に、攻撃者がシステムのファイルを変更するなど、悪意のあるコードを追加する場合があります。ルーチン スクリプトを実行して、悪意のある変更が行われていないことを定期的に確認します。

Securing the Fisheye instance directory

For production use, we strongly recommend that you secure the Fisheye instance directory against unauthorized access.

The location of the Fisheye instance directory is defined by the FISHEYE_INST system variable; we highly recommend that this be a completely separate location from the <FishEye home directory>(the install location). See Fisheye folder layout for details of the data kept in the instance directory.

次の予防措置をおすすめします。

  • Assign a separate restricted user account on the machine for running Fisheye (not a root/administrator user).
  • Ensure that only the user running FIshEye can access the Fisheye instance directory, and that this user has read, write and execute permissions, by setting file system permissions appropriately for your operating system.

Configuring system admin access

Below are some things to consider specifically related to the system admin role:

  • Keep the number of Fisheye administrators extremely low. For example, 3 system administrator accounts should be the maximum.
  • The administrators should have separate Fisheye accounts for their administrative roles and for their day to day roles. If John Doe is an administrator, he should have a regular user account without administrator access to do his day to day work. This could be a 'john.doe' account. In addition, he should have an entirely separate account (that cannot be guessed by an outsider and that does not even use his proper name) for administrative work. This account could be 'jane smith' – using a username that is so obscure or fake that no outsider could guess it. This way, even if an attacker singles out the actual person John Doe and gets hold of his password, the stolen account would most likely be John's regular user account, and the attacker cannot perform administrative actions with that account.
  • Lock down administrative actions as much as you can. If there is no need for your administrators to perform administrative actions from outside the office, then lock down access to those actions to known IP addresses, for example. See Using Apache to limit access to the Confluence administration interface for guidance.

Further precautions

別の予防措置:

  • 上記の注意を要する項目を定期的に監視します。最初は順調に進んでいても、時間の経過とともに悪化する事柄は数多くあります。
    • システムの開始時にはわずか 3 人であった管理者が、拡大を防ぐ人が誰もいない場合、1 年の間に 30 人に増えている可能性があります。
    • 年度の初めに Apache の管理制限事項を整備していたとしても、数か月後にアプリケーション サーバーが移行したとき、新しいシステムに規則を適用することを忘れてしまう可能性があります。

この場合も、上記の手順は、セキュリティ要件に応じて適用可能な事柄のごく一部にすぎないことを心に留めておいてください。また、上記の規則のいずれも何かを保証するものではないことを忘れないでください。こうした規則は侵入者の素早い動きを抑制するだけです。

最終更新日: 2018 年 12 月 13 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.