A web server must make it possible for millions of unknown people to connect to it and access data. For each user, it performs essentially one task: to serve up web pages. In this environment, the task of system security is to ensure that the user does not find a way to force the web server to run harmful processes.
The most popular security model for web servers is the user-based security model, also known as discretionary access control (DAC), which is built on user authentication. Each process is assigned to a specific user identity, and its actions are restricted according to that user’s access rights. However, this user-based security model has proven unreliable in recent years.
The main reason for its failure is that it relies heavily on the assumption that a valid user will not engage in any malicious activity. It is processes, however, and not users that compromise or damage computers. Users don’t delete files, processes do. If a rogue process can masquerade as having legitimate rights of access, it can execute at a privileged level and cause damage within the system.
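The point above, that a DAC decision depends on the user identity and never on which process is acting, shown as an added example that is not part of the original article. It models a simplified Unix-style owner/group/other check for read and write requests; the uids, paths and program names are constructed for illustration.

```python
from dataclasses import dataclass

READ, WRITE = 4, 2  # permission bits within one rwx triplet

@dataclass(frozen=True)
class Process:
    program: str       # the code actually running; DAC never looks at this
    uid: int
    gids: frozenset

@dataclass(frozen=True)
class FileMeta:
    path: str
    owner: int
    group: int
    mode: int          # e.g. 0o640

def dac_allows(proc: Process, f: FileMeta, want: int) -> bool:
    """Simplified Unix-style DAC check for read/write requests."""
    if proc.uid == 0:                  # superuser bypasses read/write checks
        return True
    if proc.uid == f.owner:
        bits = (f.mode >> 6) & 7       # owner triplet
    elif f.group in proc.gids:
        bits = (f.mode >> 3) & 7       # group triplet
    else:
        bits = f.mode & 7              # other triplet
    return (bits & want) == want

def decisions(proc, files, want):
    """Map each path to the DAC verdict for this process."""
    return {f.path: dac_allows(proc, f, want) for f in files}

# Constructed sample data: a web-server account (uid 33) and three files.
FILES = [
    FileMeta("/var/www/html/index.html", owner=33, group=33, mode=0o644),
    FileMeta("/var/www/data/orders.db", owner=33, group=33, mode=0o600),
    FileMeta("/etc/shadow", owner=0, group=42, mode=0o640),
]
SERVER = Process("httpd", uid=33, gids=frozenset({33}))
ROGUE = Process("injected-script", uid=33, gids=frozenset({33}))  # same identity
ROGUE_AS_ROOT = Process("injected-script", uid=0, gids=frozenset({0}))

if __name__ == "__main__":
    for p in (SERVER, ROGUE, ROGUE_AS_ROOT):
        print(p.program, p.uid, decisions(p, FILES, WRITE))
```

The verdicts for `httpd` and for the rogue process under the same uid are identical, because `program` is not an input to the check; a policy that confines a process by what it is, rather than by who owns it, needs an additional input that this model does not have.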
Examples of flaws caused by user-based security: