[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] MOSS security

From: David Felio <david@xxxxxxx>
Subject: [WEB SECURITY] MOSS security
Date: Wed, 21 May 2008 08:56:14 -0500

After years in the LAMP stack, our company is going towards various MS products, including MOSS 2007/WSS 3.0. In various conversations with MS folks about security considerations, they always go back to permissions. I have not been terribly successful in getting them to discuss security beyond/outside setting permissions w/in MOSS correctly.

Does anyone have experience for MOSS (or any SharePoint products) and have some ideas about security concerns? One of the things I am concerned about is CSRF, since the bulk of the administration is handled via a web interface, but there doesn't seem to be much existing research out there right now.

Thanks.

David


----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

Follow-Ups:
- Re: [WEB SECURITY] MOSS security
  - From: Prasad Shenoy
- RE: [WEB SECURITY] MOSS security
  - From: Chris Weber \(Casaba Security\)

Prev by Date: [WEB SECURITY] Google DocType - Web Security
Next by Date: Re: [WEB SECURITY] MOSS security
Previous by thread: [WEB SECURITY] Google DocType - Web Security
Next by thread: Re: [WEB SECURITY] MOSS security
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site