[2121] in WWW Security List Archive
Re: Macintosh Web Server Issues
daemon@ATHENA.MIT.EDU (Gene Ingram)
Mon May 20 17:06:39 1996
Date: Mon, 20 May 1996 10:25:18 -0700
From: Gene Ingram <gene@hpfsvr01.cup.hp.com>
Reply-To: www-security@ns2.rutgers.edu
To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
-----BEGIN PGP SIGNED MESSAGE-----
Enrico Cantu wrote:
>
<snip>
> There is one more item of concern that I have not seen brought up on this
> issue. Everyone has been talking about attacks via TCP over a network. A
> WebStar-based server (or even more interestingly, Apache running on MachTen
> or something :-) ) can be configured to be as secure a one wants given
> appropriate diligence, but even wearing my Mac evangelist hat (when not
> wearing my UNIX one), I have to say that the greatest threat to a Mac-based
> server would be a person who sits at the machine. You see, unless you are
> using FolderBolt or some other login utility, anyone can come by and drag
> your http server straight to the trash--end of web service. At least with
> a UNIX box you have a login, or if a session is in use at console, you can
> xlock the screen.
>
> Enrico
>
No kidding, they can drag your http into the trash? Hmm that could pose
quite a problem. I would hope that a suitable login utility is built-in to
future versions of the Mac OS to correct this apparent deficiency. (Oh,
that's gonna get me a flame or two.) :-) Do you know the company that
has authored the FolderBolt software, and if possible their web site?
Thanks.
Gene
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMaCqjs4N33uf66GRAQH4IgP/RmXXqfsyisvPYsSdJ9fX3QIJ77/7+lDG
6KZnDXJBmcAFwUDV+ZYjVs0fEZeV2eP1Yl1dy7gCj4/UBG7jquk9Y7BVNohq1TVF
ntVQrWZ86Ut5+VlC1r4JjN5vId+WQpuKhmxw7PN3rEDYn3AObjxGN33cu06RCq3W
2TU5UQxJHIQ=
=G2BP
-----END PGP SIGNATURE-----
--
``Imagine if every Thursday your shoes exploded if you tied them
the usual way. This happens to us all the time with computers,
and nobody thinks of complaining.'' -Jeff Raskin
______ gene@cup.hp.com
/\__ _\ ingram@pubs.holosys.com
\/_/\ \/ ___ __ _ __ __ ___ ___
\ \ \ /' _ `\ /'_ `\/\`'__\/'__`\ /' __` __`\
\_\ \__/\ \/\ \/\ \L\ \ \ \//\ \L\.\_/\ \/\ \/\ \
/\_____\ \_\ \_\ \____ \ \_\\ \__/.\_\ \_\ \_\ \_\
\/_____/\/_/\/_/\/___L\ \/_/ \/__/\/_/\/_/\/_/\/_/
/\____/
________________________\_/__/____________________________________
PGP UserID: "Gene Ingram <gene@cup.hp.com>"
Key Size: 1024 bits; Creation date: 21 March 1996; KeyID: 9FEBA191
Key fingerprint: 93 E1 15 E6 35 BC B2 84 B2 7B 39 76 29 72 32 72
--3D signature created courtesy of ``Figlet Ascii Font Converter''
<http://mediacube.datacom.de/cgi-bin/moniteurs/figlet>
