| |||||||||||||
This is the most ridiculous commentary...This is the most ridiculous commentary...Posted Dec 20, 2011 11:09 UTC (Tue) by job (guest, #670)In reply to: This is the most ridiculous commentary... by smurf Parent article: Cracks in the Foundation (PHP Advent)
For large web apps this is (and has always been) true. But the issue here is altogether different.
A large shared webhost has many thousands of web sites and only a few of them are active at any time. It is unreasonable to keep thousands of idle PHP processes around (and that is without room for concorrency which would be required in production).
That is what the web hotel business is all about, very cheap hosting, and this is what made PHP popular.
(Log in to post comments)
This is the most ridiculous commentary... Posted Dec 20, 2011 12:23 UTC (Tue) by smurf (subscriber, #17840) [Link] Sure it's unreasonable to keep them around. So let them die when they're no longer useful.Large sites increase the likelihood that somebody, somewhere on your system, is running code with a security hole or two. So it's even more important to shield individual customers from each other. Your decision, of course. But the web servers I am responsible for will never load mod_interpreter, much less mod_php.
This is the most ridiculous commentary... Posted Dec 20, 2011 16:14 UTC (Tue) by job (guest, #670) [Link]
When the number of idle sites are order of magnitudes larger than the number of active sites at any given moment that solution is equivalent to running PHP as CGI. That would price you out of the market. (And spare me the morals please, as much as I'd like to see mod_php dead it is still an important market which drove PHP's success.)
PHP won because of mod_php, but mod_php won the low end market because of safe_mode. My question still stands, what should replace it? Maybe SELinux can?
This is the most ridiculous commentary... Posted Dec 21, 2011 12:02 UTC (Wed) by andresfreund (subscriber, #69562) [Link]
> When the number of idle sites are order of magnitudes larger than the number of active sites at any given moment that solution is equivalent to running PHP as CGI. That would price you out of the market. (And spare me the morals please, as much as I'd like to see mod_php dead it is still an important market which drove PHP's success.)
Right, because idle sites cause that much load that cgi is actually a problem... Its the website that actually use their allotted bandwith/load/whatever that are a problem not the thousand with 3 visitors a day.
This is the most ridiculous commentary... Posted Dec 22, 2011 0:22 UTC (Thu) by job (guest, #670) [Link]
On a large shared web host, a very small percentage of the sites are have traffic at any given time, but it's still a lot in absolute numbers.
The only possible way to cram as many sites as possible on your host is to run them with a common interpreter, which can pose security problems. That's where mod_php succeeded.
(By the way, I got the answer to my specific question below, which is that other restrictions still apply.)
|
|||||||||||||