[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: Security vulnerability in CERN httpd access protection
From:       Hallam-Baker <hallam () ai ! mit ! edu>
Date:       1996-12-22 20:29:06
[Download RAW message or body]

All bug reports for the CERN server should be sent to w3.org. I
can't remeber the name of the bug list. There is nobody whatsoever
at CERN who supports the Web externally, we all moved to MIT almost
two years ago.

The CERN server has not had anyone working on it for a very long time.
Last time I touched the code was over a year ago. I don't really recommend
anyone use the CERN server at this stage. Apache has more active interest,
the consortium is more interested in its Java server, Jigsaw. (Whatever
you do don't send bug reports to me!)

At this stage I think the best plan would be to create a plug in module
for Apache allowing it to serve as a plug in replacement for the CERN
server.

By now any O/S that does not come with a Web server is probably not worth
continuing with. I always believed that the right way of delivering Web
servers was with the O/S. That way they come with a point of contact
for service. The CERN server was necessary when the Web was just
beginning. Today we are so far past that point that it is more of a museum
item. Ari, its main author has since written a much better (comercial)
one.


        Phill

[prev in list] [next in list] [prev in thread] [next in thread]