[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mac most secure servers?

On Thu, Feb 22, 2001 at 03:09:36PM -0900, Ethan Benson wrote:
> several years ago there was a silly `Crack a Mac' contest and someone
> managed to exploit a cgi script and deface the web site served by the
> Mac.  in most cases such an attack would never allow site defacment on
> unix since the site is not owned by the webserver UID that the cgi
> script generally runs as. 

Point of note... cgi scripts for a site are generally setup to run as
the user who owns the site so that if a cgi script is hacked, the damage
is restricted to said site and not the webserver itself or the system
as a whole.

CaT (cat@zip.com.au)		*** Jenna has joined the channel.
				<cat> speaking of mental giants..
				<Jenna> me, a giant, bullshit
				<Jenna> And i'm not mental
					- An IRC session, 20/12/2000

Reply to: