Why is thttpd Secure?

Why is thttpd Secure?

Abstract: A "secure" server daemon was written by Management Analytics in the week of June 5-9, 1995. We believe this daemon to be secure in the sense that it does exactly what it is supposed to do - nothing more and nothing less. This paper describes the inner workings of this very small program, why we think it is trustworthy, and where our assumptions may fail.

In Closing: We believe that this very compact and specially designed server is far more secure against corruption of the server, denial of services to clients, and unauthorized dissemination of information from the server than the standard daemons available today. It is also easy to use and easy to securely manage. If properly used, this server provides security at least as good as the rest of the computer on which it operates.

It is our sincere hope that future daemon designers perform similar analysis on all of their programs to assure that they meet the stringent requirements of protection in the modern computing environment.


The Proof is in the Mathematics

In 1998, thttpd was mathematically proven to meet its security properties by a graduate student as part of a Ph.D. thesis, making this daemon one of the very few useful programs ever to meet this level of rigor.