Re: Technical committee acting in gross violation of the Debian constitution

To: debian-devel@lists.debian.org
Subject: Re: Technical committee acting in gross violation of the Debian constitution
From: Matthias Urlichs <matthias@urlichs.de>
Date: Thu, 4 Dec 2014 17:03:25 +0100
Message-id: <[🔎] 20141204160325.GS6563@smurf.noris.de>
In-reply-to: <1417198186.4622.4.camel@scientia.net>
References: <20141116001628.GO32192@teltox.donarmstrong.com> <201411251941.16723.envite@rolamasao.org> <CAKTje6ECfcV=F5Qou3OJXNTqN23u6Hv9OHyYxhAarmy5SjFtWA@mail.gmail.com> <201411262329.26670.envite@rolamasao.org> <87zjbd33to.fsf@hope.eyrie.org> <1417047554.17080.2.camel@kagura.malsain.org> <E1Xu5h6-0007GZ-6S@swivel.zugschlus.de> <877fyg8emt.fsf@vostro.rath.org> <E1XuPus-0002za-AR@swivel.zugschlus.de> <1417198186.4622.4.camel@scientia.net>

Hi,

Christoph Anton Mitterer:
> For many things, CGI is actually the only way to run them securely,
> since it's the only way to run foreign processes in a container
> environment (chroots, etc.) or with user privilege separation.

?

If you can run a CGI inside a chroot/container/whatever, you can run a
small web server on a local port / Unix socket, and reverse-proxy it,
just as easily.

FastCGI is just a slightly more fancy way of doing this.

> The poor man alternatives like mod-php5 are nothing which a security
> conscious admin would ever use.
> 
Definitely.

-- 
-- Matthias Urlichs

Reply to:

Follow-Ups:
- Re: Technical committee acting in gross violation of the Debian constitution
  - From: md@Linux.IT (Marco d'Itri)
- Re: Technical committee acting in gross violation of the Debian constitution
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

Prev by Date: Re: DE features dependent on Systemd
Next by Date: Re: curl and certificate verification in jessie
Previous by thread: Re: Technical committee acting in gross violation of the Debian constitution
Next by thread: Re: Technical committee acting in gross violation of the Debian constitution
Index(es):
- Date
- Thread