Henry Reardon <[EMAIL PROTECTED]> writes: > We are giving some thought to putting a CGI-based Wiki, specifically > OddMuse, on a website that runs on a Linux server. In 'Using Linux (Fourth > Edition)', the authors warn that "The biggest cause for concern about > protecting your site from external threats is CGI scripts." They go on to > suggest various precautions that will reduce the risk. > > This has me wondering if servlets are equally insecure or have a much > stronger security model. I also have Jason Hunter's 'Java Servlet > Programming (Second Edition)' which has a 30 page chapter on Security that > details how various forms of authentication take place in servlets. However, > I can't find any categorical statement that says servlets are actually any > more secure than CGI. > > I was wondering if someone with extensive experience with the security > aspects of both servlets and CGI can give me any sense of which is more > secure and why? I need this information so that we can choose the right > approach for our wiki.
The issue with security of CGI scripts is that process execution is involved. Because of that, on Windows or Unix, it is possible to cause programs other than the intended one to run. That is clearly insecure. Servlets don't work like that. So yes, servlets are much more secure than CGIs. Java also has some interesting security features such as security features built into the dynamic linker (called a class loader in Java). These features are what makes applets possible but are rarely used in servlet engines (though they can be justified). Having said that, aside from these special dynamic loader features, other solutions are just as secure. The Apache mod_XXX (mod_python, mod_perl, etc...) all do very similar things to servlets and are just as secure. To conclude: CGIs are dangerous because the web server is calling an external program (which opens the system to various security problems). Servlets and other tools such as mod_perl or mod_python are more secure because they operate inside the web server process. -- Nic Ferrier http://www.tapsellferrier.co.uk ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
