[Zope] hard-coded pcgi

Andreas Kostyrka andreas@mtg.co.at
Thu, 4 Feb 1999 00:52:24 +0100 (CET)


On Wed, 3 Feb 1999, Phillip J. Eby wrote:

> At 02:50 PM 2/3/99 -0500, Kevin Dangoor wrote:
> >On Wed, Feb 03, 1999 at 02:04:10PM -0500, Phillip J. Eby wrote: 
> >,-----
> >| Oops, that was unclear.  I meant to say that if your host gives you your
> >| own ID, *and* executes CGI under that ID, then you have nothing else to do
> >| except keep permissions straight.
> >
> >Ahh! That's ideal! Does someone out there set it up like that?
> 
> Hiway, RapidSite, BellSouth, BellAtlantic, Ameritech, GTE (when they launch
> gte-hosting.net or .com or whatever it is), as well as numerous
> private-label hosting providers who are affiliated with one of the above
> companies but not disclosing their relationship.  If you're curious whether
> a particular hosting service is on the platform that supports this, just
> check to see if the server is "Rapidsite/Apa" using the NetCraft "What
> server does that site run?" page.  
> 
> The "Rapidsite/Apa" server type is the fourth most popular (by domains
> served) web server on the 'net, right after vanilla Apache, IIS, and
> Netscape Enterprise.  Its current market share is about half that of NS
> Enterprise, with over 86,000 to Netscape's 171,000.  Given that there are
> no real environment standards for shared hosting with other server types,
> RS/Apa is arguably *the* dominant shared hosting platform in existence
> right now, if you consider the platform to be a combination of the server,
> the installed software, directory structures, hardware configurations, user
> control panel, etc.
Actually, it's quite easy to setup with Apache if suexec was included in
the compilation: It's just one directive in <VirtualHost>, so I'd consider
Apache as shared as one get :)

The problem is, that setting su-exec and understanding it's operation (as
it's extremly security sensitive) is not trivial, so services with lower
quality standards seem to ignore this configuration.


> Except for the RS/Apa platform, where PCGI presents process-start problems
> that FastCGI doesn't.  On the RS/Apa platform, the cgi-fcgi wrapper is
> available, and all CGI's execute as the correct user ID to begin with, so
> the need for a setuid wrapper is eliminated.  And some hosting brands that
> use the RS/Apa platform offer hosting with CGI for as little as $25/month.
Actually, as a sysadmin, I've noticed even a less fascinating thing about
Bobo. (So I presume it applies to Zope too.)
The processes my BoboHTTPServer create seem to be in the 2MB data size
range for the basic stuff. Considering that this is NOT shared, as it is
mostly data from the kernel perspective (I'm considering Linux here, but
it's a general problem), it can rather quickly add up.

Now this doesn't sound much, but compared to Apache where the memory foot
print is in the area of 2-3MB, and doesn't grow significantly if you have
many web servers, this can be a problem, especially if some ISP starts to
offer Zope service without considering the impact upon the hardware.

> Now all I've got to do is get the engineers and sysadmins for the RS/Apa
So what is this RS/Apa platform?
> platform to approve Zope as a supported LRP on the platform...  but that's
> another story.  :)

Andreas
-- 
Win95: n., A huge annoying boot virus that causes random spontaneous system
     crashes, usually just before saving a massive project.  Easily cured by
     UNIX.  See also MS-DOS, IBM-DOS, DR-DOS, Win 3.x, Win98.