For strict security, it's gotta be best to have a userland web server handling ALL content. Placing static handling into the kernel adds risk, but can speed things up considerably.

Some background for late-joiners:

The Hijack khttpd is not at all related to the standard Linux khttpd, and serves a different purpose and audience (Empeg owners!). One major difference is that Hijack can provide directory listings, whereas the standard one passes such requests on to userland.

Cheers