On Tue, 3 Feb 1998, Stepken wrote:
> Michael J. Maravillo wrote:
> >
> > On Thu, 29 Jan 1998, Henry Hollenberg wrote:
> >
> > >I saw that the CERN http server was recommended in Chapman and Zwicky so started
> > >checking it out, but the first thing I read knocked it:
> > [...]
> > >Should I look for something else.....they made it sound pretty good in the book,
> > >caching and all. Comments?
> >
> > Get Apache... http://www.apache.org
>
> No ! Don't do that !!!! I really recommend CERN http with chroot()
> options. Ask Wolfgang Ley from cert.dfn.de for his special setup.
> CERN server is bullet proof. Apache has much too much problems with

Have you actually looked at the code before spouting silly garbage like it
being "bullet proof"?
Do you really want to trust a server that normally runs as root and that,
if it fails to switch UIDs before serving a document, just logs a message
and proceeds as root? I don't call that bullet proof. While you wouldn't
be running it as root anyway on a firewall, it does indicate something
about the software. I'm sure it can be made secure, but your clueless
claim that it is god and never ever has any problems while Apache is full
of buffer overflows (if it is, I sure don't see them) is foolish.

> buffer overflows in certain configurations. Wait for next version
> of LINUX and the corrected GCC to avoid buffer overflows. Will be out
> in a few months. (stack, heap corrections, see geek-girl and stack-patch
> for gcc)
--
Marc Slemko | Apache team member
marcs@znep.com | marc@apache.org
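
The fail-open behaviour criticized in the message above (log the failed UID switch, then keep serving as root) next to a fail-closed version, as an added example that is not part of the original message or of either server's code. The `id_ops` struct, the stub functions and the numeric ids are constructed here so the failure path can run without root.

```c
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical indirection so the failure path can be exercised without root. */
struct id_ops {
    int   (*set_gid)(gid_t);
    int   (*set_uid)(uid_t);
    uid_t (*get_euid)(void);
};

/* Constructed stubs modelling a process that stays root after the switch. */
static int   stub_setgid_ok(gid_t g)   { (void)g; return 0; }
static int   stub_setuid_fail(uid_t u) { (void)u; return -1; }
static int   stub_setuid_ok(uid_t u)   { (void)u; return 0; }  /* claims success */
static uid_t stub_euid_root(void)      { return 0; }

/* Fail-open pattern: log the failure, then serve anyway.
 * Returns 1 when the caller would go on to serve the document. */
static int may_serve_lenient(const struct id_ops *ops, uid_t uid, gid_t gid)
{
    if (ops->set_gid(gid) != 0 || ops->set_uid(uid) != 0)
        fprintf(stderr, "warning: could not switch ids, continuing\n");
    return 1;
}

/* Fail-closed pattern: group first (after setuid the process can no longer
 * change it), check every return value, then confirm the effective uid. */
static int may_serve_strict(const struct id_ops *ops, uid_t uid, gid_t gid)
{
    if (ops->set_gid(gid) != 0) return 0;
    if (ops->set_uid(uid) != 0) return 0;
    if (ops->get_euid() != uid) return 0;
    return 1;
}

int main(void)
{
    struct id_ops fails = { stub_setgid_ok, stub_setuid_fail, stub_euid_root };
    struct id_ops no_op = { stub_setgid_ok, stub_setuid_ok,   stub_euid_root };
    uid_t uid = 65534; gid_t gid = 65534;   /* constructed unprivileged ids */

    printf("lenient=%d strict=%d strict(no-op setuid)=%d\n",
           may_serve_lenient(&fails, uid, gid),
           may_serve_strict(&fails, uid, gid),
           may_serve_strict(&no_op, uid, gid));
    return 0;
}
```

In a real server the struct would hold `setgid`, `setuid` and `geteuid` from `<unistd.h>`, and a 0 from the strict check would end the request or the process.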