[Catalyst] Using Catalyst with mod_per or FastCGI on heavytraffic web application

Carl Johnstone catalyst at fadetoblack.me.uk
Mon Feb 1 10:07:44 GMT 2010


Adam Mackler wrote:
> Finally, a wonderful benefit of using fastcgi is that each one of my
> fastcgi applications runs as a separate user, and none of those
> fastcgi users is the user that the web server runs as.  I sleep that
> much better at night knowing that the web server cannot read the files
> that have database passwords in them, and so on.

It's more likely that any security hole will be in the perl application 
rather than the web server, so your database password is equally exposed 
with either method.

In any case you should be able to make your app root read-only - which will 
mean that the apache child processes can't read the files.

Carl




More information about the Catalyst mailing list