According to Geoff Hutchison:
>Torsten Neuer wrote:
>> in configuring ht://Dig for different secured areas in intranet
>> or internet webs. However, I'm not too familiar with Apache
>
>This is intriguing. I contacted the Apache folks about 6 months ago,
>wondering if there would be any performance benefit to doing this.
>Ignoring the expense of calling exec() on the CGI, they said they didn't
>think there would be much. Obviously calling exec() could be removed by
>something like FastCGI or some of the other persistent-CGI systems out
>there.
I feel that performance issues might be a minor issue. The htsearch
CGI starts up pretty fast, so the only benefits will come from bypassing
operating system stuff with a preloaded htsearch. If the module is
compiled as a dynamically loadable module for Apache, there will probably
no difference between the module and the CGI versions with regards to
performance.
>I don't know of how security would benefit from a module, but I imagine
>there might be benefits there.
Security benefits will mainly come from hiding away the "restrict",
"exclude" and "config" parameters of htsearch. I remember that
methods of hiding these parameters from the end user for better
security of internal pages have been discussed on the htdig mailing
list not too long ago.
cheers,
Torsten
--
InWise - Wirtschaftlich-Wissenschaftlicher Internet Service GmbH
Waldhofstra�e 14 Tel: +49-4101-403605
D-25474 Ellerbek Fax: +49-4101-403606
E-Mail: [EMAIL PROTECTED] Internet: http://www.inwise.de
------------------------------------
To unsubscribe from the htdig3-dev mailing list, send a message to
[EMAIL PROTECTED] containing the single word "unsubscribe" in
the SUBJECT of the message.
