[Catalyst] Using Catalyst with mod_per or FastCGI on heavytraffic
web application
Carl Johnstone
catalyst at fadetoblack.me.uk
Mon Feb 1 10:07:44 GMT 2010
Adam Mackler wrote:
> Finally, a wonderful benefit of using fastcgi is that each one of my
> fastcgi applications runs as a separate user, and none of those
> fastcgi users is the user that the web server runs as. I sleep that
> much better at night knowing that the web server cannot read the files
> that have database passwords in them, and so on.
It's more likely that any security hole will be in the perl application
rather than the web server, so your database password is equally exposed
with either method.
In any case you should be able to make your app root read-only - which will
mean that the apache child processes can't read the files.
Carl
More information about the Catalyst
mailing list