
Task #30560

Determine topics

Added by Michael Schams over 1 year ago. Updated about 1 year ago.

Status: Closed
Priority: Must have
Assignee: Michael Schams
Category: -
Target version: 1.0.0
% Done: 100%
Start date:
Due date:
Estimated time: 0.00 hour
Votes: 0

Description

Determine list of topics, chapters, sections and things in general to be included in the documentation.

History

Updated by Helmut Hummel over 1 year ago

  • Estimated time set to 0.00

Any objections to the topics provided by Jochen? (see #30541)
I like the structure Jochen introduced in this manual and I do not see a reason to again go through the process of defining topics.

Updated by Michael Schams over 1 year ago

  • Status changed from New to Under Review

I am happy with the structure of Jochen's document and I will (almost) retain it (similar thing with its content).

There are only minor changes I would like to suggest at this point in time:

  • divide "System Administrators" into "System Administrators" and "TYPO3 Integrators"
  • add a definition of each role
  • re-shuffle the order of "Guidelines..." sections a little bit

Main reasons for these changes:
I would like to introduce an additional role "TYPO3 Integrators" and shift some tasks from System Administrators to Integrators. This fits better with the Association's idea of Integrators (e.g. TYPO3 Integrator certifications) and builds a better balance regarding the amount of tasks. A "pure" SysAdmin does not need deep knowledge of TYPO3's BE or editors' permissions - and an Integrator does not need to know how to secure the web server.

In order to clarify this, I would also add a paragraph to each "Guidelines..." section to define (and explain) each role and the boundaries of its responsibilities (and the overlaps, of course).

This comes with a slight re-ordering of the sections: I suggest ordering the "Guidelines..." in the chronological order in which you would set up a TYPO3 instance: SysAdmin first, then Integrator, then Editor, then Developer.

See committed SVN revision 949.

Updated by Chris topher over 1 year ago

  • Target version set to 1.0.0

Updated by Michael Schams over 1 year ago

  • Status changed from Under Review to Accepted
  • Estimated time set to 0.00

Document structure aimed for version 1.0.0:

Introduction
  About this document
  History
  Credits
  Feedback
  Target audience

The TYPO3 Security Team
  Contact information
  Incident handling

General Information
  TYPO3 versions and lifecycle
  Differentiation between core and extensions
  Announcement of updates and security fixes
  Security bulletins

Types of Security Threats
  Information disclosure
  Identity theft
  Cross Site Scripting (XSS)
  SQL injection
  Cross Site Request Forgery (XSRF)

General Guidelines
  Secure passwords
  Operating system and browser version
  Communication
  React quickly
  Keep TYPO3 extensions up-to-date

Guidelines for System Administrators
  Role definition
  General rules
  Integrity of TYPO3 packages
  File/directory permissions
  Restrict access to files on a server-level
  Directory indexing
  Database access
  Encrypted client/server communication
  Further actions

Guidelines for TYPO3 Integrators
  Role definition
  General rules
  Install tool
  Encryption key
  Global TYPO3 configuration options
  Security-related warnings after login
  Reports and Logs
  Backend users and access privileges
  TYPO3 extensions
  TypoScript
  Content elements

Guidelines for Editors
  Role definition
  General rules
  Backend access
  Restriction to required functions
  Secure connection
  Logout

Backup Strategy
  Components included in the backups
  Time plan and retention time
  Backup location
  Further considerations

After an Attack
  Take the website offline
  Repair/restore
  Analyze
  Update

Updated by Michael Schams over 1 year ago

As discussed separately, the chapter Guidelines for Extension Developers will be excluded from version 1.0.0 (for the time being). Same with checklists: I suggest we should think about the best approach to implement checklists (just summarizing the headlines is not very usable) but this should be discussed separately (not in this ticket).

So, the list of topics for version 1.0.0 stands as given in note no. 4.

Updated by Michael Schams over 1 year ago

  • Status changed from Accepted to Resolved
  • % Done changed from 0 to 100

Updated by Chris topher about 1 year ago

  • Status changed from Resolved to Closed
