scribe
03-28-2003, 11:24 PM
Hi All,
The web sites I have worked on in the past have all been on Intranets. Security was handled by network admin and any problems were handled by literally hollering over the partition.
In a former life, I used to managed VAX/VMS systems (yep, dating myself just a tad ;) ). All security was handled at the sysadmin level, other than general password security.
When I was looking in the general web hosting area, some of the folks were talking about security and the who's responsible where. If I understood correctly, the level of security at the sysadmin level has to by nature allow customers to see or read other customer's files. Something about CGI and things made this neccessary. Coming from a VAX world that makes zero sense to me, but anyway; many of the hosts involved in the discussion said the webmaster was responsible for securing their own stuff.
Here's my question, other than the obvious password security; what kind of security are they talking about? Keep in mind no one was talking about security to prevent ripping via right click and view source.
Anyone know where I could find a tutorial or some other information about this?
Thanks,
scribe
<second edit>
Upon further research...Methinks this be a UNIX issue, i.e. RWED file permissions. Is that correct?
It's slowly coming back. I seem to recall not liking the way UNIX did file permissions as compared to VMS. Something about user password file being writable by all users seems to ring a bell.
scribe
The web sites I have worked on in the past have all been on Intranets. Security was handled by network admin and any problems were handled by literally hollering over the partition.
In a former life, I used to managed VAX/VMS systems (yep, dating myself just a tad ;) ). All security was handled at the sysadmin level, other than general password security.
When I was looking in the general web hosting area, some of the folks were talking about security and the who's responsible where. If I understood correctly, the level of security at the sysadmin level has to by nature allow customers to see or read other customer's files. Something about CGI and things made this neccessary. Coming from a VAX world that makes zero sense to me, but anyway; many of the hosts involved in the discussion said the webmaster was responsible for securing their own stuff.
Here's my question, other than the obvious password security; what kind of security are they talking about? Keep in mind no one was talking about security to prevent ripping via right click and view source.
Anyone know where I could find a tutorial or some other information about this?
Thanks,
scribe
<second edit>
Upon further research...Methinks this be a UNIX issue, i.e. RWED file permissions. Is that correct?
It's slowly coming back. I seem to recall not liking the way UNIX did file permissions as compared to VMS. Something about user password file being writable by all users seems to ring a bell.
scribe