> (It also looks like there's no mod_python in the source tree; I don't > know why, but I never really used python so that's not surprising, but > it might be an argument against python. There is a mod_perl, mod_ruby, > and it might be supported via another port - but I don't see it in > python. And the mod_*s are quite a bit faster than CGIs.) > > As an off-the-wall remark, FastCGI looks really nice, too. I'll try it > sometime soon.
Having no mod_python is really no problem, see http://www.openbsd.org/cgi-bin/cvsweb/ports/www/py-jonpy/ for an alternative, basically everything you do with mod_* can (and often should) be done with fastcgi. The main advantage is security, because with fastcgi you can: Run apache or another fastcgi compliant (i'm thinking lighttpd here) webserver chrooted. Run your 'dynamic/data-driven/mvc/whatever' web application chrooted elsewhere and as a different user. Only share a socket either AF_UNIX or AF_INET between the two servers. A break in the www servers is still totally unlikely, If the web application is exploitable it will yield access to an unprivileged user in the web application's chroot. Another advantage with this approach is that some webservers (still thinking lighttpd) support fastcgi load-balancing, so you can run your web app on many machines.
