Are there any known security problems with WebStar?
Because the Macintosh, unlike either Unix or Windows, does not have a command shell, and because it does not allow remote logins, it is reasonable to expect that the Mac is inherently more secure than the other platforms. In fact this expectation has been borne out so far: no specific security problems are known in either WebStar or its shareware ancestor MacHTTP. Recently a consortium of Macintosh Internet software development companies, including StarNine, the developer of WebStar, posted a $10,000 reward to anyone who could read a password-protected Web page on a Macintosh running WebStar software. As described in an article about the challenge in Tidbits#317/04-Mar-96, after 45 days no one had stepped forward to claim the prize. Although one cannot “break in” to a Macintosh host in the conventional way, potential security holes do exist: • Exploiting holes in the server to read files outside the official document tree. • Finding a way to crash the server. • Exploiting holes in CGI
