On the Internet, your web site represents your public
image. If your web pages are unavailable or have been
vandalized, that affects others' impressions of your
organization, even if the focus of your organization has nothing to
do with web technology.
You may have valuable information on your web
server. You may have sensitive or valuable information
available in a restricted area that you may wish to keep unauthorized
people from accessing. For example, you may have content or services
available to paying members, which you would not want non-paying
customers or non-members to access. Even files that are not part of
your web server's document tree and are thus not available
online to anyone (e.g., credit card numbers) could be compromised.
Someone who has cracked your web server has easier access
to the rest of your network. If you have no valuable
information on your web server, you probably cannot say that about
your entire network. If someone breaks into your web server, it
becomes much easier for them to break into another system on your
network, especially if your web server is inside your
organization's firewall (which, for this reason, is generally a
bad idea).
You sacrifice potential income when your system is
down. If your organization generates revenue directly from
your web site, you certainly lose income when your system is
unavailable. However, even if you do not fall into this group, you
likely offer marketing literature or contact information online.
Potential customers who are unable to access this information may
look elsewhere when making their decision.
You waste time and resources fixing problems.
You must perform many tasks when your systems are compromised. First,
you must determine the extent of the damage. Then you probably need
to restore from backups. You must also determine what went wrong. If
a cracker gained access to your web server, then you must determine
how the cracker managed this in order to prevent future break-ins. If
a CGI script damaged files, then you must locate and fix the bug to
prevent future problems.
You expose yourself to liability. If you develop
CGI scripts for other companies, and one of those CGI scripts is
responsible for a large security problem, then you may understandably
be liable. However, even if it is your company for whom you're
developing CGI scripts, you may be liable to other parties. For
example, if someone cracks your web server, they could use it as a
base to stage attacks on other companies. Likewise, if your company
stores information that others consider sensitive (e.g., your
customers' credit card numbers), you may be liable to them if
that information is leaked.
These are only some of the many reasons why web security is so
important. You may be able to come up with other reasons yourself. So
now that you recognize the importance of creating secure CGI scripts,
you may be wondering what makes a CGI script secure. It can be summed
up in one simple maxim: never trust any data coming from
the user. This sounds quite simple, but in practice
it's not. In the remainder of this chapter, we'll explore
how to do this.