From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: AWS applications and domain hosting
Date: Thu, 30 Jun 2005 20:45:00 -0500
Date: 2005-06-30T20:45:00-05:00 [thread overview]
Message-ID: <6OqdnTq7ecT_AlnfRVn-rA@megapath.net> (raw)
In-Reply-To: m23bqzcrew.fsf@hugin.crs4.it
"Jacob Sparre Andersen" <sparre@nbi.dk> wrote in message
news:m23bqzcrew.fsf@hugin.crs4.it...
> Randy Brukardt wrote:
...
> > While Apache is a fine program, if you're doing light-duty work (and
> > almost all web programs outside of Google are light-duty), an
> > all-Ada solution will perform adequately and will be much less
> > likely to break. After all, I believe in security by not having
> > unused services on the system. Generalized systems like Apache
> > simply provide too many "features" of little value to be
> > safe. "Turning off" unused services via a configuration file is much
> > less safe (someone could rewrite the configuration file) than not
> > having the services around in the first place. And every additional
> > program will provide an additional failure point.
>
> Changing the configuration file is slightly easier than dumping in a
> modified binary - but not so much that I think it is a fair critique.
>
> Still, you're right that with a system like Apache you're more likely
> to have a few more features activated than you need. - On the other
> hand; you reduce the risk of implementing new security holes, when you
> use code more people have looked at, and my web server would still be
> off-line, if I had had to implement it using AWS instead of just
> installing and configuring Apache [1].
In one sense, I'd say it would be hard to argue. But in another sense, I
rather disagree. HTTP is a fairly simple protocol. Since there is no state,
it's pretty hard for it alone to be a security hole. Secondly, when your
application is written in Ada (and you haven't suppressed checks), the
opportunties for bugs causing trouble are quite small. Most bugs in the
AdaIC.com server simply result in a message in the main log and a connect
reset - not a security hole. So that only leaves systematic problems. For
pure file serving, the only real problem is serving files that are outside
of the web root. That isn't too hard to prevent (you do have to look for
funny sequences of ".."), and anything unusual can just be rejected (unlike
Apache's authors, I *know* that there aren't going to be any files with
names including funny characters on our web site!).
The real security problems come from the advanced stuff that you write, but
you'll have those issues in any case if you've written using AWS. (Well, the
worst problems come from Apache running Perl and PHP stuff, but you probably
won't do that.)
Of course, if you have to share the system as you mentioned, certainly use
Apache as a front-end; it's certainly better than not writing your stuff in
Ada in the first place. But if not, you can certainly run an all-Ada web
server as I do for AdaIC.com -- it runs several domains, the spotlight
server, and the Ada search engine without making much a dent in the machine.
(Only the last takes much CPU time.)
Randy.
next prev parent reply other threads:[~2005-07-01 1:45 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-26 9:36 AWS applications and domain hosting Martin Dowie
2005-06-26 10:51 ` Adrian Knoth
2005-06-26 12:36 ` Jacob Sparre Andersen
2005-06-26 13:18 ` Larry Kilgallen
2005-06-26 19:29 ` Marius Amado Alves
2005-06-26 22:46 ` Jacob Sparre Andersen
2005-06-30 20:00 ` Randy Brukardt
2005-06-30 20:45 ` Pascal Obry
2005-06-30 23:58 ` Jacob Sparre Andersen
2005-07-01 6:01 ` Pascal Obry
2005-07-02 20:28 ` Jacob Sparre Andersen
2005-07-02 21:50 ` Pascal Obry
[not found] ` <m23bqzcrew.fsf@hugin.crs4.it>
2005-07-01 1:45 ` Randy Brukardt [this message]
2005-06-26 23:00 ` Björn Persson
2005-06-26 23:45 ` Marius Amado Alves
2005-06-29 2:42 ` tmoran
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox