[WEB SECURITY] MOSS security

David Felio david at ark.org
Wed May 21 09:56:14 EDT 2008


After years in the LAMP stack, our company is going towards various MS  
products, including MOSS 2007/WSS 3.0. In various conversations with  
MS folks about security considerations, they always go back to  
permissions. I have not been terribly successful in getting them to  
discuss security beyond/outside setting permissions w/in MOSS correctly.

Does anyone have experience for MOSS (or any SharePoint products) and  
have some ideas about security concerns? One of the things I am  
concerned about is CSRF, since the bulk of the administration is  
handled via a web interface, but there doesn't seem to be much  
existing research out there right now.

Thanks.

David


----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list