Re: [SQLObject] SQLObject vs mod_python security issue
SQLObject is a Python ORM.
Brought to you by:
ianbicking,
phd
Menu
▾
▴
Re: [SQLObject] SQLObject vs mod_python security issue
|
From: Bob I. <bo...@re...> - 2004-02-28 04:12:46
|
On Feb 27, 2004, at 9:49 PM, David McNab wrote: > Michael Watkins wrote: >> BTW I use Quixote and that project's "SCGI" to avoid one-shot CGI. >> SCGI >> uses mod_scgi to simply pass http requests off to the long-running >> scgi >> process (which is a Publisher subclass which your application creates) >> for the application. There certainly is no shared space between >> individual applications or users - so might be handy in a vhosts >> situation. > > Except that less than 2% of vhosts allow persistent processes. > > (Not many allow mod_python either, but I'd suspect that there's more > vhosts allowing mod_python than persistent processes). mod_python is just simply not appropriate for those kinds of vhost environments. I certainly wouldn't put anything I care about in a shared python interpreter with people I don't trust, nor would I use an ISP that was foolish enough to offer that without the option of persistent processes. I do understand that some people can't afford decent hosting for whatever reason, and they should just learn PHP ;) Besides, I bet persistent processes have better performance and scalability.. most requests probably aren't hitting mod_python, so you're eating up more memory than you need.. and if they are mostly hitting python scripts, then what the heck are you using apache for in the first place? It (apache+mod_python) doesn't make anything easier or more reliable. -bob |
