[268] in WWW Security List Archive
Re: Secure W3 Server
daemon@ATHENA.MIT.EDU (Wolfgang Roeckelein)
Wed Dec 14 10:15:52 1994
From: Wolfgang Roeckelein <wolfgang@wi.whu-koblenz.de>
Date: Wed, 14 Dec 94 12:47:46 +0100
To: hallam@dxal18.cern.ch
Cc: dorian@oxygen.house.gov (Dorian Deane), www-security@ns1.rutgers.edu,
hallam@dxal18.cern.ch
Reply-To: www-security@ns1.rutgers.edu
Hi,
>>1. Anything running on a single-tasking machine, such as a Mac running
>>MacOS, is probably more secure than one running on something like Unix, VMS,
>>etc. Even MacOS, however, should be configured minimally-- no telnet, ftp,
>>etc., if at all possible.
>
>Ughh! I very much doubt this statement. MAC/OS is inherently insecure because
>it is a single user O/S with no concept of user identity whatsoever. Window
>for workgroups is marginally better but I would not give it many marks.
This depends on what security you want:
Security from hackers over the Internet: In this case the above statement is
absolutly correct. Remember: The same is said for firewall hosts and routers:
Use a non-standard OS, esp not a standard UNIX variant.
Security from people walking around in your office: In this case I would not
recommend Mac OS, but you will have troubles with all computers since hardware
tampering is always possible.
Wolfgang
---
Dipl.-Wirtsch.-Inf. Voice: +49 261 6509 173
Wolfgang Roeckelein Fax: +49 261 6509 179
WHU Koblenz E-Mail: roeckelein@wi.whu-koblenz.de
Burgplatz 2 (NeXTmail ok)
D-56179 Vallendar
Germany
