Unix-like directory/file protection scheme.
Benefit: permits user and administrator complete control over what documents are made accessible to other members of the organization .. or even outside the organization!.
Four access permission levels (owner, group, world, universe).
Benefit: Gives user flexibility in controlling file and directory access. 'World' is anyone logged into NOAH and 'Universe' is someone who is NOT logged into NOAH.
Session ID mechanism validates users and session timeouts.
Benefit: Makes it harder for someone to hijack a session .. especially if it's a HTTPS server!.
User can manage permissions to let external web users download a file or gain access to a directory without requiring a username/password.
Benefit: This makes NOAH a web page content manager!.
Configurable HTTPS-only flag.
Benefit: Lets administrator decide if only a secure server can access these binaries (Some ISP's use multiple servers pointing to the same cgi-bin directories).
Simple checks done on user-password selection to weed-out obviously weak choices.
Benefit: Keeps your users passwords on the road to 'hard-to-guess'.