RE: security with mod_perl
Not quite a manual, but read some of these discussions on PerlMonks: http://www.perlmonks.org/index.pl?node=mod+perl+isp+host&go_button=Search "mod_perl shared hosting" "ISPs supporting mod_perl" "mod_perl: the bane of share webhosting" Hope this gives you some answers (not a lot of hope, though) -Sidharth. -Original Message- From: Mike Zelina [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 11, 2003 12:59 PM To: [EMAIL PROTECTED] Subject: security with mod_perl I have a local hosting provider who has mod_perl installed on the server, but will not enable it for security reasons. After doing some digging on the mod_perl site and thinking about how many ways a renegade mod_perl program could bring down a site (large modules using a lot of memory means larger httpd process, consumes memory, hurts performance, etc.). I couldn't find any documentation on how a host *could* provide mod_perl and do it in a way that would be safe for his server and usable for a client. Maybe some way to restrict memory space or something? One problem I see is that Stat::INC would need to be enabled for everything (at least in the clients sandbox). I guess performance-wise, this would still be way better than straight CGI. Thanks for any help. If there is an "M" out there for this, please tell me to "RTF"! I looked into some of the sites listed on the mod_perl providers page on perl.apache.org. However, most of these sites are $99+ per month. My lowly non-profit clients can't afford this much $. I'm debating getting a bunch of non-profits together and do a dedicated server, but I'd rather not do that unless I have to. Thanks, Mike Zelina
RE: Children dying
I have also experienced the same without any [known] xml parsers or templates. -Original Message- From: Aleksandr Vladimirskiy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 14, 2001 1:54 PM To: Rasoul Hajikhani Cc: Jim Smith; [EMAIL PROTECTED] Subject: Re: Children dying This happens whenever I do anything with mod_perl - serve a URL by a handler I wrote or by a cgi script under Apache::Registry. If I knew what was causing this I wouldn't be asking this list. Alex On Tue, 14 Aug 2001, Rasoul Hajikhani wrote: > Jim Smith wrote: > > > > On Tue, Aug 14, 2001 at 10:48:48AM -0400, Aleksandr Vladimirskiy wrote: > > > > > > Hi all, > > > > > > I am running a perl 5.6.0, mod_perl 1.26, apache 1.3.19 on Solaris 2.6. I > > > get the following error in my logs: > > > > > > [Tue Aug 14 10:45:10 2001] [notice] child pid 2630 exit signal > > > Segmentation Fault (11) > > > > > > It looks like the child serves a request and immidiately dies. > > > > > > Does anyone have any ideas on how to figure out why this keeps happenning? > > > > What are you trying to do on the page that makes it segfault? If you are > > using XML::Parser in some way (with AxKit, for example) you need to make > > sure it and Apache are using the same expat library. Otherwise, it depends > > on what you are doing. > > > > --jim > > I also get that alot. Although, I am not using XML::Parser. I am using > Template Toolkit to generate dynamic content. My Templates are plain > templates. > -r > >
RE: Backing out a mod_perl install
someone please correct me but: I believe that make install will only overwrite httpd (the executable binary). Any other files that already exist will not be touched. Last time I did something like this, I simply made a copy of my httpd binary and everything else was in my system backups. -Original Message- From: Geoffrey Young [mailto:[EMAIL PROTECTED]] Sent: Monday, August 06, 2001 3:21 PM To: 'Bill Moseley'; [EMAIL PROTECTED] Subject: RE: Backing out a mod_perl install > -Original Message- > From: Bill Moseley [mailto:[EMAIL PROTECTED]] > Sent: Monday, August 06, 2001 3:18 PM > To: [EMAIL PROTECTED] > Subject: Backing out a mod_perl install > > > I'm upgrading mod_perl on a Solaris 2.6 production machine. > Although a > little downtime on this machine won't be a big issue, I'm > wondering about > backup plans. > > I've got mod_perl ready for "make install" (I'm currently > using a PERL5LIB > environment to test mod_perl on a high port from the blib). > > So I was just going to bring down the server, make install, and then > startup the new server. But, I'd like to be able to back out, just in > case. I was thinking about tar'ing up the Apache name space, > and Apache.pm > to backout the Perl modules so I could run the old httpd, if needed. you can try the tar_Apache and offsite_tar arguments to make and see if they wrap up everything you need... HTH --Geoff
