Re: [SQLObject] SQLObject vs mod_python security issue
SQLObject is a Python ORM.
Brought to you by:
ianbicking,
phd
Menu
▾
▴
Re: [SQLObject] SQLObject vs mod_python security issue
|
From: Michael W. <mw...@mi...> - 2004-02-28 02:35:29
|
On Sat, 2004-02-28 at 07:04, David McNab wrote: > I've just noticed that SQLObject keeps some sort of process-global > 'registry' of tables. > > This creates a security situation with mod_python. Interesting. I've never used mod_python and it never occured to me to think about this. Thanks for the heads up. BTW I use Quixote and that project's "SCGI" to avoid one-shot CGI. SCGI uses mod_scgi to simply pass http requests off to the long-running scgi process (which is a Publisher subclass which your application creates) for the application. There certainly is no shared space between individual applications or users - so might be handy in a vhosts situation. I run my own web servers and have client implementations each running their python applications with no concerns. And it performs very well too. But then I happen to like the Quixote model, ymmv... -- Mike Watkins mw...@mi... Absence makes the heart go wander. |
