I agree it is possible, I disagree that it should be nessasary. For
E-commerce sites you will find that the number of cgi's can end up much
larget than you would expect from normal web site statistics. I will let
this drop now as it appears that this is not going to be an option.
David Lang
On Fri, 16 Apr 1999, Theodore Y. Ts'o wrote:
>
> Date: Fri, 16 Apr 1999 13:27:23 -0700 (PDT)
> From: David Lang <dlang@diginsite.com>
>
> The environment that this senerio would be most likly to be used in would
> not be using a Linux box for the NFS server, instead it would be using
> something like a Network appliance (or their higher end competitor,
> Auspecs or domwthing like that). These boxes run their own OS, have their
> own filesystem and are heavily tuned (raid for disks, large amounts of
> static ram to buffer writes to, etc). They are also not cheap, the one I
> am using at my web farm here runs ~$60,000. not having the ability to use
> any capabilities for files residing on this system would be a drawback.
>
> Why? Put your all of your data files on the central NFS server.
>
> Put all of your executables (which for a web farm should be a *very*
> small number of files) on local disk. Simple, and secure.
>
> For bonus points, if what you need is something so simple, stupid that
> even a manager can maintain it, write a script which copies the
> executables from the NFS server, verifies their MD5 checksums, and
> finally verifies the PGP signature on the MD5 checksum file. Then have
> that script set any necessary capabilities on the freshly copied
> executables on your machine. There! Now it's even easy to administer.
> And still secure.
>
> - Ted
>
>
"If users are made to understand that the system administrator's job is to
make computers run, and not to make them happy, they can, in fact, be made
happy most of the time. If users are allowed to believe that the system
administrator's job is to make them happy, they can, in fact, never be made
happy."
- -Paul Evans (as quoted by Barb Dijker in "Managing Support Staff", LISA '97)
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBNxekNz7msCGEppcbAQGuygf+N+Z76Hqudri+/nKucNBdo9mH1/lgbyYz
9INKKSnIymBQDb0WoKq8IFXEgHd6haDwXPk5C038FWH3PHxQ8vt38/KWWg4f8fR3
JKazlXZBPI++S/WSzznUlfIBsalPktFMaa62Z2p2djVWNP5++SdMwBI1/folKYlZ
eUEHIi5kHnLLn5FcqYDc5Zkbrhdd+36Ge+bd/aRkOv0C2prThSrnTKZA4ma3bxaZ
lGg0gmDfq50PhoGc0frR1gBecA5Cbl45LP2/QkxQY/E6Jl6feZefs4RYhYcG5GKd
ALB1QKAK56lr4n3fYTp4tv73eF7UfF6u1YncDHK6tgAPVopMrdqGGA==
=Qlv9
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/