Can I make sure there are no back doors?

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Accounting
Inventory
PoS
Project management
MRP

Take the tour

Posts People Badges

Tags View all

odoo accounting v7 pos invoice

About this forum

Help

Can I make sure there are no back doors?

2 Replies

4837 Views

security back_door

Gilles Lehoux

If I provide a computer to an OpenERP consultant and ask him to install Linux (ex Ubuntu) and OpenERP, then, when the computer comes back, is there a way to make sure that he has not included any back doors in either Linux or OpenERP? The server would be accessible from outside the office, maybe through a VPN, also smartphones.

A back door is a way to bypass the systems that restrict access. The simplest back door is to create an extra user. Someone can then use that login. I guess looking at the user list would insure against this.

AJ Schrafel Paper Corp

Best Answer

You can never be 100% Positive. To be 99.9% confident there are no back doors:

Hire somebody trustworthy to install your system.
Setup a system to log all the IP addresses that access your system, review these logs for irregular activity.
Check your operating system and openERP installation for users you do not recognize.
Install the OS and openERP yourself, have the consultant ship you the custom modules with installation instructions.

Point 4 is really paranoid, i don't think you need to go that far if you have a trustworthy consultant.

With any computer system backdoors can always be put in, the Stuxnet virus was enabled by Siemens hard coding a hidden administrator account that didn't show up in the software, that hardware was in use at hundreds of sites.

Ahmet Altinisik

If you are asking this question you should install linux and openerp on yourself.

you can check my answer on how to install openerp on ubuntu https://accounts.openerp.com/forum/Help-1/question/2562

This question has been flagged