On Thu, 1 Mar 2001, [EMAIL PROTECTED] wrote:
>
> > This is a general Unix webserver issue and not specific to
> > mod_perl, so I've marked your message [OT] for off-topic.
>
> Well, workarounds are available for specific webserver environments, so I
> don't believe it's an inappropriate question.
>
> With CGI, you use the suexec mechanism to start executable programs as a
> particular user. AFAIK you can't impersonate a user on unixy environments
> without forking a new process. And forking a new process under mod_perl
> really defeats the purpose.
Does it? I used to believe that too, but now that I've developed
applications that make rather extensive use of the Apache API, I would
actually love to have an environment similar to CGI but providing the full
Apache API, including logging, notes/pnotes, etc. I realise a lot of this
would be tricky and would require RPC (thus opening up a security hole in
its own right) but I think it would be worthwhile.
I certainly don't like the way we're all assuming mod_perl 2.0 is going to
solve all our problems. It won't. It will just give us some fresh ones
(like making all modules thread safe).
--
<Matt/>
/|| ** Founder and CTO ** ** http://axkit.com/ **
//|| ** AxKit.com Ltd ** ** XML Application Serving **
// || ** http://axkit.org ** ** XSLT, XPathScript, XSP **
// \\| // ** mod_perl news and resources: http://take23.org **
\\//
//\\
// \\
