What kind of security risk is running a MOO server?
(Most of the facts for the below answer come from thread on MOO-Cows about this subject. Most of the text, too. Thanks to Jay Carlson ( nop@nop.com) and Ian Macintosh ( siman@ihug.co.nz).) Disclaimer: Everything said here is an identification of a risk I am aware of. I am not a security expert. There may be other risks or the risks I mention below may be of other forms. As with any other answer in this FAQ, I welcome submissions on this subject. One of the first things to keep in mind with computer security is “what are we trying to protect from whom?”. The threat that the unmodified MOO server poses to the server machine is limited to denial of service attacks. A MOO programmer could use all the memory, CPU, or disk on the partition that MOO is dumping to. The server itself provides no access to the filesystem (though there are patches that do) or other operating system services.
Related Questions
- What should be the security context of a Cisco Secure ACS server running on a member server to help ensure proper Windows authentication to a domain controller?
- My PC has many security features (firewalls, antivirus, etc), and may be running via a proxy server, can I still install/use e-Books?
- What kind of security risk is running a MOO server?
