[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] Re: CGI Wrap Errors

Subject: Re: [cobalt-developers] Re: CGI Wrap Errors
From: corliss@xxxxxxxxxxxxxxx
Date: Tue May 23 16:40:09 2000

On Tue, 23 May 2000 Thescripter@xxxxxxx wrote:

> First, we are aware of the user that the server runs under. We made  a 
> specific new user for it that does not have access. That is very secure. 
> Also, the DoS attacks have never happened on our servers and we have 
> firewalls and other methods to protect against them :)

You're missing the point on both accounts:

	--Even thought the server runs as a separate account, if it's
	  going to be serving pages for your users, it has access then
	  to that private space.
	--DoS are not always network-based or intentional.  What about a
	  poorly written script that gets caught in a loop and just fills
	  the error log until it runs you out of drive space?  Or worse,
	  spawns so many process that it overloads the table and restricts
	  your server from spawning any more children to hand the traffic?

So, anyway that you cut it, you're still more vulnerable without CGI wrappers
than with.  If that's your cup of tea, fine, but I'd never let that happen on
mine.  That's probably why we have never had our systems compromised.

	--Arthur Corliss
	  Programmer/Administrator
	  Gallant Technologies (http://www.gallanttech.com/)

References:
- Re: [cobalt-developers] Re: CGI Wrap Errors
  - From: Thescripter

Prev by Date: Re: [cobalt-developers] Re: CGI Wrap Errors
Next by Date: Re: [cobalt-developers] Re: CGI Wrap Errors
Previous by thread: Re: [cobalt-developers] Re: CGI Wrap Errors
Next by thread: Re: [cobalt-developers] Re: CGI Wrap Errors

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index