[E-Lang] defense in depth

Marc Stiegler marcs@skyhunter.com
Wed, 24 Jan 2001 22:21:05 -0700


> Even if I don't change Apache or Perl, under EROS, or any other principle
> of least privilege system, I can limit the files and commands Perl and
> Apache can access, and get a second layer of protection for the product
> source, and against arbitrary command access.

Totally off the topic you were pursuing, with E it is amusingly possible to
do better than this if you're willing to forsake Apache. I actually wrote an
itty-bitty Web Server in E with one special feature: if you request a file
that ends with ".cap", the server presumes that the file contains a single
line of information, the uri of an E program to which to forward the query
string and the output stream. So the E Web Server does not need access to
source files or executable files, and does not need to launch or cache or
fool with program execution, it just calls headless servers written in E.
And since E has much of the cool string handling from Perl, it works pretty
well. And of course the E servers can reside anywhere, on the same machine
with the Web server, on another machine on the LAN where the Web server
resides, or at a location half way around the globe across the Web.

My Web server is not production quality in a number of dimensions, but if
anyone has a use for it, it is available.

--marcs