80.10 Solid Server Security

20230710

After install the Community Solid Server (CSS) you should immediately take note of the contents of the .acl (access control list) file in the root of the server, and as suggested either delete the file or comment out the entries to look like:

# WARNING: DO NOT USE UNMODIFIED UNLESS FOR TESTING PURPOSES.
# WHEN IN DOUBT, DELETE THIS DOCUMENT.
#
# This root ACL resource allows unrestricted public access to all documents and subcontainers.
#
# This document was automatically generated by the Community Solid Server
# because the "Expose a public root Pod" option was selected during setup,
# or because setup has been bypassed.
#
# We strongly suggest to edit this document such that it restricts permissions.

@prefix acl: <http://www.w3.org/ns/auth/acl#>.
@prefix foaf: <http://xmlns.com/foaf/0.1/>.

# Give all agents Read, Write, and Control permissions on everything
# <#authorization>
#     a               acl:Authorization;
#     acl:agentClass  foaf:Agent;
#     acl:mode        acl:Read, acl:Write, acl:Append, acl:Control;
#     acl:accessTo    <./>;
#     acl:default     <./>.


Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0