On Thu, 1 Mar 2001, Robin Berjon wrote:
> At 09:48 01/03/2001 +0800, Stas Bekman wrote:
> >Doug, do you plan to answer these concerns (see below) in 2.0? This kind
> >of question pops up quite often and it's a legitimate one, to allow ISPs
> >using mod_perl mainstream.
> >
> >So will it be possible to make pools of interpreters with different
> >owners, running under different UID/GID? I can think of MPM model where
> >there are different processes, each potentially owned by a different owner
> >and having a pool of threads inside of each.
>
> I think that's what the following two points address:
>
> http://perl.apache.org/~dougm/modperl_2.0.html#mpms multiprocessing model
> modules
> http://perl.apache.org/~dougm/modperl_2.0.html#perloptions directive
>
> (the urls' targets seem to contain whitespace, be sure to include those to
> get there directly).
>
> I'm not sure this addresses all such security concerns, but the following
> extract seems to imply that at least it can go a long way:
>
> "A common problem with mod_perl-1.xx was the shared namespace between all
> code within the process. Consider two developers using the same server and
> each which to run a different version of a module with the same name. This
> example will create two parent Perls, one for each VirtualHost, each with
> its own namespace and pointing to a different paths in @INC"
Oops, I have to reread the doc. It's been a long time...
Thanks for the head ups, Robin!
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:stas@stason.org http://apachetoday.com http://logilune.com/
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
|