Mercurial > hg > orthanc-book
comparison Sphinx/source/faq/security.rst @ 938:84a6892495f6
security
| author | Alain Mazy <am@osimis.io> |
|---|---|
| date | Fri, 21 Apr 2023 09:15:24 +0200 |
| parents | 49ec83c000e9 |
| children | 6b9bd2520680 |
comparison
equal
deleted
inserted
replaced
| 937:b9eb59d73a42 | 938:84a6892495f6 |
|---|---|
| 82 * Enable :ref:`Client certificate authentication <https>` between multiple | 82 * Enable :ref:`Client certificate authentication <https>` between multiple |
| 83 Orthanc peers. | 83 Orthanc peers. |
| 84 | 84 |
| 85 * Consider turning of the :ref:`embedded WebDAV server <webdav>` by | 85 * Consider turning of the :ref:`embedded WebDAV server <webdav>` by |
| 86 setting configuration option ``WebDavEnabled`` to ``false``. | 86 setting configuration option ``WebDavEnabled`` to ``false``. |
| 87 | 87 |
| 88 * Ensure that ``/tools/execute-script`` is disabled by leaving the configuration | |
| 89 ``ExecuteLuaEnabled`` to its default ``false`` value. | |
| 90 | |
| 91 * Ensure that the REST API can not write to the filesystem (e.g. in the | |
| 92 ``/instances/../export`` route) by leaving the configuration | |
| 93 ``RestApiWriteToFileSystemEnabled`` to its defualt ``false`` value. | |
| 94 | |
| 88 * Setup rules that define, for each authorized user, which resources | 95 * Setup rules that define, for each authorized user, which resources |
| 89 it can access, and through which HTTP method (GET, POST, DELETE | 96 it can access, and through which HTTP method (GET, POST, DELETE |
| 90 and/or PUT). This can be done by defining a :ref:`filter written in | 97 and/or PUT). This can be done by defining a :ref:`filter written in |
| 91 Lua <lua-filter-rest>`. Here is a sample Lua filter that | 98 Lua <lua-filter-rest>`. Here is a sample Lua filter that |
| 92 differentiates between an administrator user (``admin``) who has | 99 differentiates between an administrator user (``admin``) who has |