On Thu, 12 Jun 1997, Brian Behlendorf wrote: (...deletia...) > > This of course has some interesting ramifications: > > 1) We will now be running CGI scripts on mirror sites. Previously all CGI > scripts, such as the search field and bug database, had an explicit link > back to www.apache.org. These CGI scripts only rely upon perl 4 (or 5) > being at "/usr/local/bin/perl". Is this a problem? i think it is, since bofh's like me like to produce the security loopholes on their own =) no, serously, i wont allow cgi stuff on my system when mirroring via ftp from another site. the impact of having a hacked script transferred to www.apache.org infesting all of the mirrors make www.apache.org a primary target for those wannabe-crackers out there, so i would propose to have a http://cgi.apache.org with bugdb and every other cgi stuff on it.
> > 2) Sites which pull down their content via ProxyPass will not have > dynamically generated mirror pages, though they should be cacheable. anyway, shouldnt proxy systems bailout from the cache procedure when they encounter a ? or & in the url? i think this is standard since a while (squid/harvest cached do it this way) > > > There may be more issues brought up by this than I anticipated - let's > discuss them here. Thanks again to everyone for providing mirror sites, > hopefully the storm will die down soon. try to randomize download locations on dns basis (dns round robin) for the different locations in the net topology. like having the following: download.us.apache.org for the us download.eu.apache.org for europe i think we can learn a lot from the freebsd mirroring strategy in this point, they dont have dns round robin but this is a point which would render the traffic occurance a little nicer. > > Brian > > --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-- > [EMAIL PROTECTED] http://www.apache.org http://www.organic.com/jobs > With best regards, Karsten W. Rohrbach -- Nuclear war can ruin your whole compile. (Karl Lehenbauer) -> http://www.webmonster.de -> http://www.nacamar.de -> http://www.quakeforum.de -> http://www.apache.de
