[Catalyst] Fast CGI vs ModPerl
Perrin Harkins
perrin at elem.com
Fri Dec 8 21:57:57 GMT 2006
Renaud Drousies wrote:
> In my opinion, I'd say that the main disadvantage of running a mod_perl
> application is that your application runs with the webserver's
> credentials, which means that:
>
> - Any security hole means your whole webserver can be compromised
> - If you need your catalyst app to access some ressources, then the
> user/group the webserver is running as must be granted access to those
> ressources.
If you run with the common setup of a reverse proxy and a separate
mod_perl server, the security situation is identical for FastCGI and
mod_perl.
- Perrin
More information about the Catalyst
mailing list