Hi Thomas,
I thing this is a very important and allowed question.
Let's start.
On the AppGini (AG) webseite
https://bigprof.com/appgini/ you will find this:
Secure and time-tested code
AppGini has been used by hundreds of thousands of users worldwide since 2002. During this time, we passed so many pentests, and received tens of thousands of feedback messages that we used to add many features and make countless improvements. This long experience is instantly yours when you use AppGini apps. No need to re-invent the wheel and keep looking for bugs and security vulnerabilities in code written from scratch. AppGini gives you peace of mind and confidence in your code base.
Well, of course anyone can write anything on the web, but at least AG tries to help us feel a little more comfortable concerning security.
Then, you can search security and pen testing websites for problems with AppGini. I can not point out any sites at this time. Maybe someone else can.
But even if there has been found some problem with the generated files, we would need to take a closer look on the version, and if that has been fixed already and thus is non existing anymore.
You write, many security concerns here in the forum are about server. Yes, the files AG generates are sitting on a server. There can be many problems with server configuration itself leading to problems or such things as the xz backdoor somewhere in (much) deeper code. Who knows, But actually I would probably feel flattered, if some secret organisation (exaggerating here
) would like to peek at an application I designed. Yepee
AG uses quite a lot of additional libraries to make life for us (developers) easier. Yes, some of them are old and there exist new versions. We can not look only at the version number, as new versions introduce also new features that can hold potential errors again. Also, a library like bootstrap 3 can hardly be a security risk. Using any external library (=not written yourself) introduced a security risk.
I actually see only one way to prevent "bad" code in your application. This would be coding every single line yourself ... but even to do this, I would not say this is safer than using other's code. If so, one would be the God of all programming. And a God indeed ... just think, that probably no one in this forum you actually develop an encryption algorithm herself - it's just way too specific stuff.
That said, as AG creates an application that is by definition server side the thoughts in this forum about server security are valid from my point of view.
Side note: Please check out the thread of first link here (
viewtopic.php?f=6&t=3989 ) for securing the uploads folder - imho, this would be something that should be handled by the AG team in more depth than it has been done so far (by others and me using this extra code), The uploads folder should (imho) not reside below webroot, but be not accessible at all directly using http(s). There are applications using this e.g. Moodle (
https://moodle.org ) where all uploaded content can be placed outside of webroot and thus is safe.
On the frontend side, what can be dangerous there? Javascript afaik is not capable of doing bad by itself on YOUR client, maybe with interaction to the backend - oh, did I say backend again
So what can you and can we do to check for backdoors?
You can create a simple AG application. 2 Tables (parent + child), and all fieldtypes should be included (as some field types may require additional code like calendar etc.) Then, one (with a lot of knowledge) could go through all generated files an look for example for code that is not readable by human, code, that does something strange, code that loads stuff from other (=external) sources etc. Then, one would need to investigate further.
Bit: We would need to do this for every AG version out there as, if there would be a backdoor in version X, it does not mean, there is one in version Z (to be clear: I am not suggesting, nor supposing there is one, in any version ... on purpose. If a security threat comes to the attention of Ahmed, developer(s) of AG, they are fixed. Proof I suggest: see AG changelog here
https://bigprof.com/appgini/release-log ).
Another short to human readable code: Jan's library is encrypted and not human readable any more. This has a good reason and I won't blame him for doing so.
Would this help? I am not sure.
There are many thousands of scripts, code blocks etc. on the web and almost no one checks them. People tend to rely on others ideas and solutions (psychological group think and making life easier by working as a "group" ... where all want the same and of course nothing bad for the others of the group).
We do not know if a safe application becomes insecure by some other setting etc. but what is the solution?
Coding all by yourself - described above, even this would not be safe and everything would take so long, that one would never finish. Oh, this exactly seems a point to use rapid application development tools like AG: Get the job done. If for you, because it's nicer to do other things. If for a (hopefully) paying customer: Safe his money. And for both of these: Use knowledge and code that has been approved by others to get some extra peace of mind, that one at least did not do an error in file Y.
I believe Jan once wrote somewhere, that suggesting starting a VPN before being able to get to the AG application would add security. I agree. Nevertheless, if the code would load stuff from external sources it could be dangerous for this internal network. Maybe the loading from external could be prevented but this may result in your application not working anymore.
Security is tricky.
It's like always: How much is your "information" in your application worth to possible intruders?
Yeah, a data-breach in my chess-club ooooo I am so scared ;- ) Who would actually (besides privacy regulations) care about this?
A data-breach at the local community to a database where dog owners are recorded .... well, may be worth something to people to hate dogs. But anyone else?
So, ask yourself a question, who might be interested in the data you handle and, if unsure about AG not messing with you data, you may turn to somewhere else. Then, please let at least me know, what data heaven and way to put a software in place that works for your needs you have found.
I doubt, there is a solution (worldwide) that is now secure and in future as well (as encryption is just a matter of some million years of computing power to break it ha ... there is the "backdoor"
Let's hear others concerning this topic.
Olaf
