inspired by the web server in Samba 4
Jason Haar
Jason.Haar at trimble.co.nz
Wed Jun 8 02:52:08 GMT 2005
Andrew Tridgell wrote:
>Can you be more specific? Remember that the alternative is that a
>large proportion of our users don't install SSL certificates at all
>and end up sending their admin passwords in clear text to the web
>server.
>
>
That doesn't follow. If you are "doing" SSL then that means you must be
generating self-signed certs. There's nothing to stop you using Apache,
and checking for the presence of a working HTTPS during install, and -
well - generating a self-signed cert for Apache if there isn't.
From what I can see, there's normally 2-3 autogenerated, self-signed
certs lying around on every freshly installed Linux box as it is anyway
- you could always just grab one of those ;-)
The biggest issue I can see with using Apache or anything else is that
you probably want it to do large actions as root. Getting Apache to run
things as root means setuid CGIs - mod_php/mod_perl/mod_python support
becomes more convoluted that's for sure.
Still, a small setuid root program that sits behind Apache should be
more secure than having a new Samba service. I mean - it'd be less code
for a start... And all Web-based security issues would be Apache's fault
- not Samba's... [that's it - move the blame! ;-)]
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
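The install-time check Jason describes (look for a usable certificate and key, and mint a self-signed pair for Apache only if none is there) is sketched below as an added example; it is not code from the thread or from Samba, and the helper names, the `server.crt`/`server.key` file names and the `samba-admin.example` host are assumptions chosen for illustration. The key is written under a private umask and an existing certificate is reused only if openssl reports it is not yet expired.

```sh
#!/bin/sh
# Hypothetical install-time helper (added example, not Samba or Apache code).
# ensure_self_signed_cert DIR HOST
#   Reuse DIR/server.crt + DIR/server.key if both exist and the cert has not
#   expired; otherwise generate a fresh self-signed RSA certificate for HOST.
#   Prints "reusing" or "generated" so a caller (or a test) can tell which.
ensure_self_signed_cert() {
    dir="$1"
    host="$2"
    cert="$dir/server.crt"
    key="$dir/server.key"
    mkdir -p "$dir"

    # -checkend 0 exits 0 only when the certificate is still valid right now.
    if [ -s "$cert" ] && [ -s "$key" ] \
        && openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "reusing existing certificate $cert"
        return 0
    fi

    # Subshell so the restrictive umask does not leak into the caller; the
    # private key is created 0600. The SAN extension keeps modern clients happy
    # when the admin later chooses to trust this cert explicitly.
    (
        umask 077
        openssl req -x509 -newkey rsa:2048 -nodes \
            -keyout "$key" -out "$cert" -days 365 \
            -subj "/CN=$host" -addext "subjectAltName=DNS:$host" \
            >/dev/null 2>&1
    ) || return 1
    echo "generated self-signed certificate for $host in $dir"
}

# cert_subject CERTFILE: print the subject line, e.g. "subject=CN = host".
cert_subject() {
    openssl x509 -in "$1" -noout -subject
}

# https_listener_up HOST PORT: succeed if something completes a TLS handshake
# on HOST:PORT (the "is there a working HTTPS already?" probe).
https_listener_up() {
    printf '' | openssl s_client -connect "$1:$2" >/dev/null 2>&1
}

# Example invocation (assumed paths): generate into /tmp/demo-tls if needed.
# ensure_self_signed_cert /tmp/demo-tls samba-admin.example
```

Running the function twice shows the two branches: the first call prints "generated", the second "reusing". The probe is deliberately separate from the generator so an installer can decide whether to point Apache at a certificate it already serves rather than at a new one.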