Tag: CISSP

Posted on

SharePoint 2007/2010 Security

I'm CISSP, computer science dude.  I can hack your computer, steal your credit card numbers and social engineer you all day long.  So when I say SharePoint is not secure, I mean it.  Case in point:

  • PROOF #1 – Any DBA can dump the contents of your content database by default in 2007 AND 2010.   Reference this blog post:  http://bit.ly/3pdf45
  • PROOF #2 – Web Application policy can be setup to give "Full Control" to anyone the Central Administrator decides to (including him or herself)
  • PROOF #3 – Site Collection Admins are "God" when it comes to the data in the Site Collection
  • PROOF #4 – Development = Production odds are less than 5% (once you give the developers the database backup, that's it, they own the content)
  • PROOF #5 – Ignorance kills your SharePoint – Removing certain blocked file types can cause security holes.  Reference this blog post:  http://bit.ly/3GpJkp
  • PROOF #6 – Blind public deployments of SharePoint to the internet (the _vti_bin problem).  Reference this blog post:  http://bit.ly/3RjJVD

Are these bad things, technically no if you trust the people you have assigned to each role.  But keep in mind, social engineering is a powerful foe!

How does You/I/SharePoint 2007/2010 fix this?

  • FIX #1 – 2007/2010 – Implement IRM/DRM – this encrypts your files and locks them down no matter where they will go (covered in my 50149 operations course)
    • Search has to be setup to have read access across the IRM domain
  • FIX #2 – 2007/2010 – Implement custom actions or event receivers to encrypt the documents when they are "added", "checked in", decrypt on "check out"  (covered in my 50064 course)
    • Prevents SQL DBA's from PROOF #1
    • Problem is, you lose functionality (workflows are "Added", which means the files are encrypted – DOH!, search can't index your content)
  • FIX #3 – 2010 only – implement an encryption RBS (watch for this in my future courses)
    • Things are awesome,  content is encrypted in data store, Search is setup with Read permissions through SharePoint – LIFE IS GOOD, until someone (like me) social engineers your IW staff to give me what I want
  • FIX #4 – build some kind of scrub routine on your content database before you give it to your developers
    • Hard to do given the structure of the content database, but possible if everything is tagged with content types/meta data (easier to do in SP2010)
  • FIX #5 – Don't remove things from blocked file types unless you really know what you are doing!
  • FIX #6 – Don't blindly deploy your internet website using SharePoint, reduce your hacker footprint as much as possible!

In reality, there is no security in this world.  Sorry…am I fair to pick on SharePoint, no, no matter what platform you choose, same issues will exist!

Chris