Joe Marshall <email@example.com> writes:
> It is true that the vast majority of crackers and script kiddies
> wouldn't know where to begin to attack the server, and presumably the
> vulnerabilities would be better known if the hardware and software
> were more popular, but the immediate evidence indicates that a LispM
> running CL-HTTP in a shared address space is far more secure than your
> average Apache or IIS installation running in a separate one.
Garfinkel and Spafford recommended to run web servers on MacOS (not X)
back in 1996:
| Because of the richness of its tools, the plethora of programming
| languages, and the ability of multiple users to be logged in at the
| same time from remote sites over a network, the UNIX operating
| system is a remarkably bad choice for running secure Web servers.
| Because many PC-based operating systems share many of these
| characteristics, they are also not very good choices. Experience
| has shown that the most secure Web server is a computer that runs a
| Web server and no other applications, that does not have a readily
| accessible scripting language, and that does not support remote
| logins. In practice, this describes an Apple Macintosh computer
| running MacHTTP, WebStar, or a similar Web server. According to
| recent surveys, such computers comprise as many as 15% of the Web
| servers on the Internet.
(Pre-X MacOS didn't even a decent virtual memory management, and no
process separation. 8-)