<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">One way in which Apache could improve is to make privilege separation<br>
easier. On a shared host, there is no reason why my insecure PHP<br>
scripts and your fully-patched Drupal installation should be running<br>
under the same user ID. But you see that sort of thing all the time.<br></blockquote><div><br>Apache has that feature via suExec<br><br><a href="http://httpd.apache.org/docs/2.0/suexec.html">http://httpd.apache.org/docs/2.0/suexec.html</a><br>
<br>If you are using static content, it is directly usable. <br><br>If you are using dynamic content, it prevents you from using mod_php, the<br>fastest way of running PHP. In practice, shared hosts force you to use CGI, <br>
which is fine for low traffic site, but very inefficient if your site gets even <br>a medium amount of traffic.<br><br>I see that fcgid (FastCGI support with process management) says it supports <br>SuExec too:<br><br><a href="http://fastcgi.coremail.cn/configuration.htm">http://fastcgi.coremail.cn/configuration.htm</a><br>
<br>This is very promising since it addresses the scalability issue. I have yet to try it <br>though.<br></div></div>-- <br>Khalid M. Baheyeldin<br><a href="http://2bits.com">2bits.com</a>, Inc.<br><a href="http://2bits.com">http://2bits.com</a><br>
Drupal optimization, development, customization and consulting.<br>Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra<br>Simplicity is the ultimate sophistication. -- Leonardo da Vinci<br>