comparison Sphinx/source/faq/security.rst @ 938:84a6892495f6
security
author | Alain Mazy <am@osimis.io> |
---|---|
date | Fri, 21 Apr 2023 09:15:24 +0200 |
parents | 49ec83c000e9 |
children | 6b9bd2520680 |
comparison
937:b9eb59d73a42 | 938:84a6892495f6 |
---|---|
82 * Enable :ref:`Client certificate authentication <https>` between multiple | 82 * Enable :ref:`Client certificate authentication <https>` between multiple |
83 Orthanc peers. | 83 Orthanc peers. |
84 | 84 |
85 * Consider turning of the :ref:`embedded WebDAV server <webdav>` by | 85 * Consider turning of the :ref:`embedded WebDAV server <webdav>` by |
86 setting configuration option ``WebDavEnabled`` to ``false``. | 86 setting configuration option ``WebDavEnabled`` to ``false``. |
87 | 87 |
88 * Ensure that ``/tools/execute-script`` is disabled by leaving the configuration | |
89 ``ExecuteLuaEnabled`` to its default ``false`` value. | |
90 | |
91 * Ensure that the REST API can not write to the filesystem (e.g. in the | |
92 ``/instances/../export`` route) by leaving the configuration | |
93 ``RestApiWriteToFileSystemEnabled`` to its defualt ``false`` value. | |
94 | |
88 * Setup rules that define, for each authorized user, which resources | 95 * Setup rules that define, for each authorized user, which resources |
89 it can access, and through which HTTP method (GET, POST, DELETE | 96 it can access, and through which HTTP method (GET, POST, DELETE |
90 and/or PUT). This can be done by defining a :ref:`filter written in | 97 and/or PUT). This can be done by defining a :ref:`filter written in |
91 Lua <lua-filter-rest>`. Here is a sample Lua filter that | 98 Lua <lua-filter-rest>`. Here is a sample Lua filter that |
92 differentiates between an administrator user (``admin``) who has | 99 differentiates between an administrator user (``admin``) who has |
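Review bot: The third added bullet misspells "default" as "defualt" (new line 93), and both added bullets say "leaving the configuration ... to its default", which should read "leaving the configuration option ... at its default" to match the "configuration option ``WebDavEnabled``" wording of the bullet just above. In the same bullet, the route ``/instances/../export`` uses ``..`` as a placeholder for the instance identifier, which a reader can mistake for a relative path segment; writing it as ``/instances/{id}/export`` avoids that. Since both options already default to ``false``, it would also help to say in each bullet what enabling the option exposes (script execution through the REST API, and writes to the server filesystem), so an administrator auditing an existing configuration knows why an explicit ``true`` is worth flagging.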