Marco d'Itri, 2014-12-04 23:58:58 +0100 : > On Dec 04, Christoph Anton Mitterer <cales...@scientia.net> wrote: > >> > While using many more times the resources. You obviously have no idea of >> > the challenges of providing secure web hosting for non-trivial >> > quantities of web sites. >> So what do you want to imply would be secure? > The point is not just "secure", but "secure and scalable". > And sadly the only good solution that fits this criteria is php-cgi with > some kind of uid-changing wrapper.
There's also libapache2-mpm-itk, which works just fine with PHP. [...] >> > FastCGI is another thing that almost nobody can afford when hosting >> > a significant number of web sites. >> Why not? > Because RAM is expensive and you cannot keep tens or even thousands of > fastcgi processes around waiting for a request. MPM-ITK does the setuid based on the request, so you get a (small) performance penalty but you keep a reasonable number of processes waiting for requests. Roland. -- Roland Mas You can tune a filesystem, but you can't tuna fish. -- in the tunefs(8) manual page. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87ppbyo537....@placard.fr.eu.org
