http://www.isp.com/company1/passwd contains the passwd file for the http://www.isp.com/company1/ URL directory. Although it is convenient to store the passwd file within the hierarchy it is protecting, care must be taken to make it unreadable by normal HTTP requests. It's better to put it in a configuration directory somewhere that no server has access to. (I've seen this mistake plenty of times.)
The server process itself still needs access to that file, though, in order to verify passwords, so it can't be totally protected -- a bug in the server might reveal the password file. A relatively minor point.
A barebones web server is a pretty simple piece of software compared to a browser (or sendmail), so it should be possible to make them much more secure.
Right. The Netscape Commerce server, on the other hand, is by no means a barebones webserver. It has a full-featured API which allows dynamic loading of custom-written modules to handle every aspect of web serving. Its configuration files, while not as complex as sendmail config files, are rather complex. The server comes with a "GUI administration tool", which allows you to configure the server using netscape over HTTP to a special server, -running as root-, which can modify configuration files, restart the server, etc. (I am not sure if the administration server -must- run as root, but that is how it has been configured in the installations I have seen.) Even extremely good security programmers could probably not write such a complex program without bugs, particularly on the timescale for which you have commended Netscape. (Extremely good ethical security programmers may not even be -willing- to write such a complex program and declare it secure.)

There is actually an interesting parallel to sendmail in webservers. Webservers have a very vital 'rewriting' phase, where they turn the url (/~sameer for example) into a filename (/u1/sameer/public_html/index.phtml). This phase is where it checks ownership, checks symlinks, etc. I figure that section may be rife with holes, given the incredibly powerful rewriting that the highly flexible servers can do these days.

--
sameer                                   Voice:  510-601-9777
Community ConneXion                      FAX:    510-601-9734
An Internet Privacy Provider             Dialin: 510-658-6376
http://www.c2.org (or login as "guest")  sameer@c2.org
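
The rewriting phase and the passwd-file placement problem discussed in this message, sketched as an added example that is not part of the original post and is not any server's actual code. The names `resolve`, `Rejected`, `DENY_NAMES` and `INDEX`, and the `index.html` default, are assumptions made for illustration.

```python
import os
from urllib.parse import unquote

DENY_NAMES = {"passwd", ".htpasswd"}  # assumed names of password files
INDEX = "index.html"                  # assumed directory index name


class Rejected(Exception):
    """The URL must not be mapped to a file."""


def resolve(url_path, doc_root, user_dirs):
    """Map a URL path to a filename under doc_root or a user's web directory.

    user_dirs maps a login name to that user's public web directory.
    """
    path = unquote(url_path)  # decode once, then validate the decoded form
    if "\0" in path or not path.startswith("/"):
        raise Rejected("malformed path")
    parts = [p for p in path.split("/") if p not in ("", ".")]
    if ".." in parts:
        raise Rejected("dot-dot segment")
    base = doc_root
    if parts and parts[0].startswith("~"):  # /~user -> user's directory
        user = parts.pop(0)[1:]
        if user not in user_dirs:
            raise Rejected("unknown user")
        base = user_dirs[user]
    base = os.path.realpath(base)
    current = base
    for part in parts:
        current = os.path.join(current, part)
        if os.path.islink(current):
            # Ownership check: follow a link only to a target with the same owner.
            target = os.path.realpath(current)
            if (not os.path.exists(target)
                    or os.lstat(current).st_uid != os.stat(target).st_uid):
                raise Rejected("symlink owner mismatch")
    real = os.path.realpath(current)
    # Containment check on the fully resolved name, after all links are followed.
    if os.path.commonpath([base, real]) != base:
        raise Rejected("escapes base directory")
    # A password file stored inside the served tree is never returned.
    if os.path.basename(real).lower() in DENY_NAMES:
        raise Rejected("password file")
    return os.path.join(real, INDEX) if os.path.isdir(real) else real
```

The checks run on the decoded, link-resolved name rather than on the raw URL string, which is the step where a mismatch between what was checked and what is opened would otherwise appear.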