Received: by taz.hyperreal.com (8.6.12/8.6.5) id LAA11618;
 Thu, 18 Jul 1996 11:50:10 -0700
Received: from newshare.newshare.com by taz.hyperreal.com (8.6.12/8.6.5) with
 ESMTP id LAA11611; Thu, 18 Jul 1996 11:50:07 -0700
Received: from localhost (dave@localhost) by newshare.newshare.com
 (8.7.4/8.6.9) with SMTP id OAA25898 for <new-httpd@hyperreal.com>;
 Thu, 18 Jul 1996 14:48:25 -0400 (EDT)
Date: Thu, 18 Jul 1996 14:48:24 -0400 (EDT)
From: "David M. Oliver" <dave@newshare.com>
To: new-httpd@hyperreal.com
Subject: Re: Let's get rid of .htaccess files :-) 
In-Reply-To: <199607181828.MAA15435@pooh.pageplus.com>
Message-ID: <Pine.GSO.3.93.960718144058.25823C-100000@newshare.newshare.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

On Thu, 18 Jul 1996, Howard Fear wrote:

> But, this is exactly the problem.  There are at least two general
> philosophies to 'webspace': the web as a filesystem, and the web
> as an interface to files in the underlying file system. 

	There is also a 3rd philosophy, not now prevalent in the 
	Internet, which is "capability based" - relating to access
	to information in databases.  Here, of course, a person has
	access to a subset of the DBMS's capabilities not specific
	files. 

	We are finding also that certain types of information providers
	have almost no static files.  All the output is generated by 
	accumlating pieces from different databases, which have their
	own (private) view of the underlying file system.

> We also should preserve the distinction between server configuration
> and 'file' configuration.  The former should not only have limited
> access, but also limited visibility.  It also, probably, causes
> a server restart.  The second should be available to all users
> (for their files) and shouldn't (mustn't) cause server restarts.

	I am inclined to agree with this view, though it is thorny
	when you take a database view of the world (whre the database
	is doing much of the access control).

> > It would be very easy to have a separate daemon watching the
> > conf/ for changes and sending a SIGHUP when needed.
> 
> I don't see the need for this.  And, I think this is a real problem
> if you're going to let your users control the configuration of their
> own files.  (This may not generally be the case for commercial
> web servers, but is certainly desireable for intranets.)
	
	agreed.

dave
+------------------------------------------------------------------+
| David Oliver                                 dave@clickshare.com |
| Managing Director-Technology              Clickshare Corporation |
+------------------------------------------------------------------+