Users Sharing a Single Web Server
Users Sharing a Single Machine
Giving Each User a Separate Machine (Colocation)
Giving Each User a Virtual Machine
This appendix proposes a few techniques for deploying mod_perl on ISP machines. Therefore, it's mostly relevant to ISP technical teams and ISP users who need to convince their providers to provide them with mod_perl services.
There are at least four different scenarios for deploying mod_perl-enabled Apache servers that ISPs may consider:
Users sharing a single web server
Users sharing a single machine
Giving each user a separate machine
Giving each user a virtual machine
This appendix covers each of those scenarios.
An ISP cannot let users run their code under mod_perl on the main server. There are many reasons for this. Here are just a few to consider:
With all the problems described above, it's unwise to let users run their code under mod_perl on a shared server, unless they trust each other and follow strict guidelines to avoid interfering with each other's files and scripts (both of which are unlikely).
Note that there is no reason for an ISP not to run mod_perl applications that they control themselves. The dangers are only when they allow users to write their own mod_perl code. For example, an ISP might provide its users with value-added services such as guest books, hit counters, etc., that run under mod_perl. If the ISP provides code and data, which are not directly accessible by the users, they can still benefit from the performance gains offered by mod_perl.
mod_perl 2.0 improves the situation, since it allows a pool of Perl interpreters to be dedicated to a single virtual host. It is possible to set the UIDs and GIDs of these interpreters to be those of the user for which the virtual host is configured, so users can operate within their own protected spaces and are unable to interfere with other users.
Copyright © 2003 O'Reilly & Associates. All rights reserved.