Contents:
Security and the World Wide Web
Running a Secure Server
Controlling Access to Files on Your Server
Avoiding the Risks of Eavesdropping
Risks of Web Browsers
Dependence on Third Parties
Summary
This chapter explores a number of security issues that arise with use of the World Wide Web. Because of the complexities of the World Wide Web, some of the issues mentioned in this chapter overlap with those in other chapters in this book, most notably Chapter 6, Cryptography, Chapter 17, TCP/IP Services, and Chapter 23, Writing Secure SUID and Network Programs.
The World Wide Web is a system for exchanging information over the Internet. The Web is constructed from specially written programs called Web servers that make information available on the network. Other programs, called Web browsers, can be used to access the information that is stored in the servers and to display it on the user's screen.
The World Wide Web was originally developed as a system for physicists to exchange papers pertaining to their physics research. Using the Web enabled the physicists to short-circuit the costly and often prolonged task of publishing research findings in paper scientific journals. Short-circuiting publishers remains one of the biggest uses of the Web today, with businesses, universities, government agencies, and even individuals publishing millions of screens of information about themselves and practically everything else. Many organizations also use the Web for distributing confidential documents within their organization, and between their organization and its customers.
Another exciting use of the Web today involves putting programs behind Web pages. Programs are created with a protocol called the Common Gateway Interface (CGI). CGI scripts can be quite simple - for example, a counter that increments every time a person looks at the page, or a guest book that allows people to "sign in" to a site. Or they might be quite sophisticated. For example, the FedEx package-delivery service allows its customers to use the company's World Wide Web server (http://www.fedex.com) to trace packages. Giving customers access to its computers in this manner simultaneously saves FedEx money and gives the customers better service.
Many other companies are now exploring the use of the WWW for electronic commerce. Customers browse catalogs of goods and services, select items, and then pay for them without anything other than a forms-capable browser.
The World Wide Web is one of the most exciting uses of the Internet. But it also poses profound security challenges. In order of importance, these challenges are:
An attacker may take advantage of bugs in your Web server or in CGI scripts to gain unauthorized access to other files on your system, or even to seize control of the entire computer.
Confidential information that is on your Web server may be distributed to unauthorized individuals.
Confidential information transmitted between the Web server and the browser can be intercepted.
Bugs in your Web browser (or features you are not aware of) may allow a rogue Web server to obtain confidential information from your Web client.
Because of the existence of standards and patented technologies, many organizations have found it necessary to purchase specially licensed software. This licensed software, in turn, can create its own unique vulnerabilities.
Each of these challenges requires its own response. Unfortunately, some of the solutions that are currently being employed are contradictory. For example, to minimize the risk of eavesdropping, many organizations have purchased "secure" World Wide Web servers, which implement a variety of encryption protocols. But these servers require a digitally signed certificate to operate, and that certificate must be renewed on an annual basis. Consequently, organizations that are dependent on their WWW servers are exposed to interesting denial of service attacks: anything that keeps the certificate from being renewed on time deprives the server of something it requires to operate.
NOTE: There are many Web servers currently in use, and there will be even more in use within the months after this book is published. While we were working on this book, several groups distributing Web servers announced or released several new versions of their programs.
It would be very difficult, and not very useful, for this chapter to discuss the specific details of specific Web servers. Besides the fact that there are too many of them, they are changing too fast, so any details included in this book would be out of date within a year of publication. The Internet is evolving too quickly for printed documentation to remain current.
For this reason, this chapter discusses Web security in fairly general terms. Specific examples, where appropriate, use the NCSA Web server (with brief mention of the CERN and WN servers), with the understanding that other Web servers may have similar or different syntax.