Re: Technical committee acting in gross violation of the Debian constitution

To: debian-devel@lists.debian.org
Subject: Re: Technical committee acting in gross violation of the Debian constitution
From: Russ Allbery <rra@debian.org>
Date: Thu, 04 Dec 2014 16:01:31 -0800
Message-id: <[🔎] 871tofx8v8.fsf@hope.eyrie.org>
In-reply-to: <[🔎] 1417728195.4457.10.camel@scientia.net> (Christoph Anton Mitterer's message of "Thu, 04 Dec 2014 22:23:15 +0100")
References: <201411251941.16723.envite@rolamasao.org> <CAKTje6ECfcV=F5Qou3OJXNTqN23u6Hv9OHyYxhAarmy5SjFtWA@mail.gmail.com> <201411262329.26670.envite@rolamasao.org> <87zjbd33to.fsf@hope.eyrie.org> <1417047554.17080.2.camel@kagura.malsain.org> <E1Xu5h6-0007GZ-6S@swivel.zugschlus.de> <877fyg8emt.fsf@vostro.rath.org> <E1XuPus-0002za-AR@swivel.zugschlus.de> <1417198186.4622.4.camel@scientia.net> <[🔎] 20141204160325.GS6563@smurf.noris.de> <[🔎] 20141204201436.GA1605@bongo.bofh.it> <[🔎] 1417728195.4457.10.camel@scientia.net>

Christoph Anton Mitterer <calestyo@scientia.net> writes:
> On Thu, 2014-12-04 at 21:14 +0100, Marco d'Itri wrote: 

>> FastCGI is another thing that almost nobody can afford when hosting a
>> significant number of web sites.

> Why not?

> When I've investigated in mod-php vs. cgi vs. fcgi, the fcgi turned out
> to have roughly the same performance as mod-php (plain cgi of course
> much worse).

FastCGI, at least the normal way I've seen it deployed, sets up a running
daemon for each script that's running via FastCGI.  (You can spawn those
dynamically to some extent, but that's fairly limited, and then you're
mostly reproducing a standard CGI environment with extra complexity.)

If your web site hosting has unbounded numbers of untrusted scripts that
it may be running (I've had to solve this problem for unique script counts
over one million), that FastCGI environment is rather... challenging to
set up.

In the long run, that sort of sandbox environment is dying for other
reasons, and people are gravitating towards application platforms like
Drupal that pose other, different maintenance challenges.  But FastCGI is
not a replacement for standard CGI if you actually fully used the
capabilities of standard CGI (merits of allowing that aside -- it's hard
to turn insecure things off when tens of thousands of people have written
lots and lots of web sites assuming that behavior).

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- Re: Technical committee acting in gross violation of the Debian constitution
  - From: Matthias Urlichs <matthias@urlichs.de>
- Re: Technical committee acting in gross violation of the Debian constitution
  - From: md@Linux.IT (Marco d'Itri)
- Re: Technical committee acting in gross violation of the Debian constitution
  - From: Christoph Anton Mitterer <calestyo@scientia.net>

Prev by Date: Re: Technical committee acting in gross violation of the Debian constitution
Next by Date: Work-needing packages report for Dec 5, 2014
Previous by thread: Re: Technical committee acting in gross violation of the Debian constitution
Next by thread: mass hosting + cgi [WAS: Technical committee acting in gross violation of the Debian constitution]
Index(es):
- Date
- Thread