httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Douglass <>
Subject Re: mod_auth-any/1672: Authentication / .htaccess DoS attack (fwd)
Date Thu, 15 Jan 1998 01:09:03 GMT
On Wed, Jan 14, 1998 at 02:50:17PM -0700, Marc Slemko said:

> Joy joy.  Now for .htaccess files we not only have to (by default) open
> (or try to open) a zillion files, we have to stat them too.  That sucks.

Not really.  I mean you aren't going to be scaling by a multiple of 2.
Think of it this way, you can do either one first.  If you 'open' first
and it fails, you don't have to 'stat'; and if you 'stat' first and it
fails with ENOENT, you don't have to open the file.  So pick the faster
of the two and use it first. :)

Michael Douglass
Texas Networking, Inc.

<tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady

View raw message