headers
Jose Celestino | 5 Jan 2004 17:58
Picon
Gravatar

Symlinks

Hi. How come latest mathopd versions (from 1.4 I think) don't support
the Symlinks directive?

--

-- 
Jose Celestino                    Email: japc <at> co.sapo.pt
PTM.COM                           Direc��o de Tecnologia de Produto
Av. Fontes Pereira de Melo, 40    Admin. e Desenv. Sistemas UNIX - OMG
Edif�cio Picoas Bl. A, 3� Piso
1069-300 Lisboa - Portugal

gpg key fingerprint : D3F3 B47B F20C 3B1E 488C B949 1B8B 8141 07B1 363B
Permalink | Reply | 0 comments |
headers
Michiel Boland | 6 Jan 2004 13:46

Re: Symlinks

> Hi. How come latest mathopd versions (from 1.4 I think) don't support
> the Symlinks directive?

It is impossible to implement this securely. Symlink checking works as
follows (grossly simplified)

1  lstat() a file
   if it is a symbolic link, refuse the request,
   otherwise

2  open it

The problem is that there is a window of time between (1) and (2)
during which a malicious user can change a file into a symbolic link
and thus bypass the check.

If you are really concerned about security I would recommend you run
the server in a chroot environment (using RootDirectory.)
HTH

Cheers
Michiel
Permalink | Reply | 0 comments |
headers
jim | 9 Jan 2004 15:23

Re: [AOLSERVER] Mention of AOLserver in Feb 2004 Linux Journal.

Mathopd will have higher latency as an image server, because it is
single threaded and doesn't do asynchronous disk I/O.  So on a
high-end server, the number of IOs/sec it can generate is limited.  AS
does not have this problem since it is multi-threaded.

However, mathopd services requests in a very "fair" manner: in an ab
test, the difference between minimum request time and maximum request
time is very small.  On AS, this is not the case, and there are
relatively large variances in request service time, indicating that
some threads are being starved.  This could be an AS design issue or
an OS scheduling/resource issue - dunno.

Mathopd is definitely the faster engine, but its design limits its
capacity.  Mathopd with asynchronous disk I/O would be awesome.

Mathopd:
--------
Concurrency Level:      15
Time taken for tests:   0.976 seconds
Complete requests:      10000
Failed requests:        0
Total transferred:      2100210 bytes
HTML transferred:       450045 bytes
Requests per second:    10245.90
Transfer rate:          2151.85 kb/s received

Connnection Times (ms)
              min   avg   max
Connect:        0     0     1
Processing:     0     0     1
(Continue reading)

Permalink | Reply | 0 comments |
headers
Michiel Boland | 14 Jan 2004 15:12

Mathopd 1.5 released

Hi.

I have not received any further bug reports for 1.5 betas so I hereby
officially declare mathopd-1.5 ready for release.

I have uploaded two new versions to the website: mathopd-1.5 and
mathopd-1.4p3. The only change with respect to previous versions is
a fix for unresponsive servers (this is essentially the 'accept patch' I
mailed to the list the other day.)

Cheers
Michiel
Permalink | Reply | 0 comments |

Gmane