On 2018-02-12, Kevin Chadwick <m8il1i...@gmail.com> wrote: > On Mon, 12 Feb 2018 14:42:53 +0100 > > >> Did anyone use httpd to serve a flask app (python)? >> I found this [1], but its a little outdated (python < 3) and makes me >> wonder about safety, because of all those dependencies copied in >> chroot. >> >> Any advice ? > > It seems python requires RWX mem by default. Ridiculous considering it > is a relatively new tool. Relegates it to, avoid for anything important > for me.
Python itself does not need WX mappings. Some native-code extensions need it so the executable has to be marked in this way otherwise those extensions can't be used. If we had similar extensions for perl (they exist but not currently in ports), perl (and thus /usr) would need this treatment too. > If you still wish to use it, you will likely need to add the wxallowed > mount option to the partition your chroot is on these days. Otherwise > you will see messages about the kernel killing it in /var/log/messages Right.
