On Wed, 11 Jun 1997, Nathan E Norman wrote:

> On Tue, 10 Jun 1997, Jim Pick wrote:
> :
> :> Hmm. You want to have people run a web browser as root and run cgi
> :> scripts with root privilage. Please don't make this a default. I
> :> can't think of any way to make this secure. It would be better
> :> to hack together some kind of front end, or hack lynx into some
> :> kind of dedicated engine. The possibilities for accidents are
> :> too great if you run the scripts directly from lynx.
> :
> :That's true - but any time you allow logins into a system, you risk
> :making it insecure.  Debian provides all sorts of ways to log in to
> :a system "by default" - but it is easy to turn them all off.
> :
> :It might be useful to use a specialized web server that is not
> :very configurable, but has an extra emphasis on security.  This
> :could run on a non-standard port from /etc/inetd.conf, so it
> :wouldn't conflict with a web server on the same system which
> :was intended for normal uses.

You may want to consider the WN http server.  It has
extensive security features.  By default, it serves no
pages.  It is also small and efficient.  There is a daemon
that can be run from inetd.

Jean Pierre

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble?  e-mail to [EMAIL PROTECTED] .

Reply via email to