Erik Enge writes:
Anthony Ventimiglia anthony@ventimiglia.org writes:
I've documented it pretty well in the INSTALL file, basically we need cmucl, asdf, apache, gcc and apxs (for building the module) apxs is part of apache, with the Debian system you'll need to $ apt-get install apache-dev to get apxs.
Ok, looks fairly straightforward. Any risk of this eating up all CPU or something like that?
I can say for the most part, no. They way it works right now is that mod_clhp fires a cmucl everytime it requests a page, and kills it after it's done, so the life of the Lisp process is fairly quick. I know this is not the most effiecient way to do it, but it is more secure in the respect that we won't get runaway processes.
I eventually want to make it more persistant, but I have a few issues to work out before that can be done.
The one caveat is that the code in the pages has to be written with no malicious intent. In other words someone who has access to the server and decides to try clhp can basically use anything available in CMUCL inside their pages. So if one of us were to say fork a process, or do something malicious, it could halt the server. But this is no more of a security concern as allowing a user to write CGI scripts in any language.
Now as an option, you can set up apache so the clhp-handler will only work in specific directories, say just set it up so it works under /project/clhp/. That way only my pages could use it. It's really a matter of trust, do you trust all common-lisp developers to not write malicious code if they decide to use clhp? Now I would say none of us want to shutdown the server, so it should be safe. I'd like to see it eventually available site-wide, since it is quite an easy way to write dynamic web pages, and being that we're all Lispers, the rest of the site may like it.
The error handling is somewhat primitive, it gives shoddy reports, but it runs in batch mode. So it ploghs through as many errors as possible and exits rather than entering the debugger. Either way, Apache kills it after the page requst is done, so even if it does enter the debugger, it will be killed.
So from the design end, I don't see how it can run astray and bring down the server, of course only testing will prove that. So far I can just say that my LAN web server has been running CLHP for about a month with no problems.