Re: Apache::DBI: number of mysql connections vary wildly

2002-10-17 Thread Ged Haywood

Hi there,

On Thu, 17 Oct 2002, John Cameron wrote:

 I am finding that the number of database connections I have
 open at one time is varying wildly.
 
 Then, suddenly, the number of connections jumps up to 50 or more! Sometimes
 this falls back to below 20, but sometimes this keeps climbing. Server load
 hits over 50 (99.9% taken by mysql) and the system grinds to a halt.

Your Apache is spawning new children to serve multiple concurrent
requests.  It's supposed to do that.  The extra children are opening
connections to the database.  When it has more children than it needs
it kills off surplus ones which closes the extra database connections.
If your machine can't handle the load you need to reduce the possible
load.  Check the value of MaxClients in httpd.conf.  You can read more
about this in the (admittedly intimidating:) documentation, see the
mod_perl home page http://perl.apache.org for some links.

73,
Ged.
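
An added example, not part of Ged's reply or of Apache::DBI itself: because Apache::DBI keeps one persistent connection per child for each distinct connect string, the worst-case connection count is MaxClients times the number of distinct connect strings, and this sketch compares that figure with MySQL's `max_connections`. The function names, the `distinct_dsns` and `reserve` parameters and the sample configuration values are assumptions constructed for illustration.

```python
import re

# Constructed sample configuration files (not taken from the thread).
SAMPLE_HTTPD_CONF = """\
# MaxClients 20
MaxClients       150
PerlModule Apache::DBI
"""
SAMPLE_MY_CNF = """\
[mysqld]
set-variable = max_connections=100
"""

def httpd_directive(conf_text, name):
    """Last integer value given for an httpd.conf directive, or None."""
    value = None
    for line in conf_text.splitlines():
        m = re.fullmatch(rf"{re.escape(name)}\s+(\d+)", line.strip(), re.I)
        if m:
            value = int(m.group(1))
    return value

def mysqld_option(cnf_text, name):
    """Integer option from the [mysqld] section of my.cnf, or None."""
    section, value = None, None
    for line in cnf_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            section = line.strip("[]").lower()
            continue
        # Accept both "name = N" and the older "set-variable = name=N" form.
        line = re.sub(r"^set[-_]variable\s*=\s*", "", line, flags=re.I)
        key, _, val = line.partition("=")
        if section == "mysqld" and key.strip() == name and val.strip().isdigit():
            value = int(val.strip())
    return value

def audit(httpd_conf, my_cnf, distinct_dsns=1, reserve=5):
    """Compare the worst-case Apache::DBI connection count with MySQL's cap."""
    # distinct_dsns and reserve (connections kept free for admin or other
    # clients) are operator-supplied assumptions, not read from any config.
    max_clients = httpd_directive(httpd_conf, "MaxClients")
    max_conn = mysqld_option(my_cnf, "max_connections")
    if max_clients is None or max_conn is None:
        return {"ok": None, "peak": None, "budget": None}
    peak, budget = max_clients * distinct_dsns, max_conn - reserve
    return {"ok": peak <= budget, "peak": peak, "budget": budget,
            "suggested_max_clients": max(budget // distinct_dsns, 0)}

if __name__ == "__main__":
    print(audit(SAMPLE_HTTPD_CONF, SAMPLE_MY_CNF))
```

An `ok` of `None` means one of the two limits is not set explicitly in the text that was checked, so the effective value has to be confirmed on the running server.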




Apache::AuthCookie in mod_perl 1.99_5

2002-10-17 Thread Antti Haapala


I recently started testing experimental mod_perl 2.0, and almost
immediately ran into the following problem:

Apache::AuthCookie (3.04) wants to set auth_type of
connection/request/whatever, but there no longer exists any method in
Apache::blahblah that allows me to set the auth_type/auth_name of
request/connection. There's still a corresponding method to _GET_ the
auth_type/auth_name, but it doesn't allow setting them any more. I haven't
looked at the module thoroughly, so I haven't figured out yet whether this is
needed or not.

Any comments?






Fwd: Re: evil scripts kill the server...

2002-10-17 Thread Ilya Martynov


Oops, forgot to reply to list.

To: Eric Cholet [EMAIL PROTECTED]
Subject: Re: evil scripts kill the server...
From: Ilya Martynov [EMAIL PROTECTED]

 On Thu, 17 Oct 2002 14:09:17 +0200, Eric Cholet [EMAIL PROTECTED] said:

EC Yes, please explain how careless programming practice can make root
EC access available to the world. Apache by default runs under the
EC unprivileged user 'nobody', seems to me that giving root access to
EC the world would require running Apache as root, not something which
EC can be achieved only by careless programming. Am I missing something?

Often Apache is started as root initially (to let it bind low-numbered
ports like 80) and later switches to another UID to serve client
requests. One implication of this scheme is that when Perl modules are
preloaded during Apache startup, Apache runs as root. So some
programming errors in code which is preloaded, combined with such a setup,
may actually lead to a root exploit.

Though it should be hard to exploit, as normally client requests don't
affect the startup stage and thus cannot interact with potentially insecure
code.

-- 
Ilya Martynov,  [EMAIL PROTECTED]
CTO IPonWEB (UK) Ltd
Quality Perl Programming and Unix Support
UK managed @ offshore prices - http://www.iponweb.net
Personal website - http://martynov.org




Re: evil scripts kill the server...

2002-10-17 Thread Eric Cholet



--On Wednesday, October 16, 2002 19:48:33 +0100 Ged Haywood [EMAIL PROTECTED] wrote:

 Hi there,

 On Wed, 16 Oct 2002, Joerg Plate wrote:

  Is it true that you can kill the whole server, not just the
  script if you do something wrong with mod_perl?

  Yes, I'm afraid it is.

 How?

 For example by swallowing all the memory, by consuming all the CPU,
 and of course by making root access available to the world through
 careless programming practice...

 Need I continue?

Yes, please explain how careless programming practice can make root
access available to the world. Apache by default runs under the
unprivileged user 'nobody', seems to me that giving root access to
the world would require running Apache as root, not something which
can be achieved only by careless programming. Am I missing something?

--
Eric Cholet