OK, I missed a bunch of this (flame part) but aren't the MacOS running WebStar more secure and as flexible as either of the Winows or *nix based servers?
rmj >> Yes the default WWW Service runs as System on Windows and yes you can >> (and should) change that. It is quite unbelievable just how much you > >That's very good. > >> >> It is interesting that you point out one of the exploits available for >> OpenSSH which highlights the fact that other systems have security >> exploits also. > >No disagreement there, but my point was that running services as >"root" or the windows equivalent of root is, in most cases, a very bad >idea. > >> Icecast is a freeware media streamer but is it for audio, not movies. > >My mistake. > >> >> On the flame point, you may have noticed some irate responses to my >> first entry. > >Yes, we can all be a overly sensitive at times :-) > >> IIS is certainly not alone in this >> database, a lot of CGI stuff in there. > >Very true. There are a lot of insecure CGI programs out there, but >that's not a security hole in the web server itself. Anyone can write >a bad application for a web server that opens them to an attack. > >On a properly configured system, compromising the host that the >web server is running on should be very difficult to do from a CGI >program. > >Cheers! >Steve Bremer
