Intranet Design Magazine: Chapter Excerpt From: Apache: The Definitive Guide, 2nd Edition--SecurityMay 21, 2000, 12:08 (0 Talkback[s])
(Other stories by Ben Laurie, Peter Laurie)
"The operation of a web server raises several security issues. Here we look at them in general terms; later on, we will discuss the necessary code in detail."
"We are no more anxious to have unauthorized people in our computer than to have unauthorized people in our house. In the ordinary way, a desktop PC is pretty secure. An intruder would have to get physically into your house or office to get at the information in it or to damage it. However, once you connect a telephone line, it's as if you moved your house to a street with 30 million close neighbors (not all of them desirable), tore your front door off its hinges, and went out leaving the lights on and your children in bed."
"A complete discussion of computer security would fill a library. However, the meat of the business is as follows. We want to make it impossible for strangers to copy, alter, or erase any of our data files. We want to prevent strangers from running any unapproved programs on our machine. Just as important, we want to prevent our friends and legitimate users from making silly mistakes that may have consequences as serious as deliberate vandalism."