this post was submitted on 07 Jul 2023
9 points (90.9% liked)

Sysadmin

7717 readers
1 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 1 year ago
MODERATORS
 

We're installing a new app on a secure network. The vendor has requested we allow access to gstatic.com. That seems overly broad to me and unsafe. Thoughts?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 1 year ago

Based on this quick article, https://softwarekeep.com/help-center/what-is-gstatic-com#:~:text=Gstatic%20is%20a%20special%20website,%2C%20pictures%2C%20and%20style%20sheets. It feels like just allowing all of gstatic is a bit of a security nightmare. I'd push back and have them identify the parts of gstatic they actually need for their website to work and allow those.

Alternatively, if this application needs a cdn but is only intended for local hosting in the secure network, perhaps a locally hosted cdn could be a good idea.

Without knowing the security in place it's hard to do much beyond give general maybe this or that.