[lists] Re: [clo-devel] Getting clhp installed on Apache
anthony at ventimiglia.org
Thu Nov 13 16:34:54 UTC 2003
Erik Enge writes:
> Anthony Ventimiglia <anthony at ventimiglia.org> writes:
> > I've documented it pretty well in the INSTALL file, basically we need
> > cmucl, asdf, apache, gcc and apxs (for building the module) apxs is
> > part of apache, with the Debian system you'll need to $ apt-get
> > install apache-dev to get apxs.
> Ok, looks fairly straightforward. Any risk of this eating up all CPU or
> something like that?
I can say for the most part, no. They way it works right now is that
mod_clhp fires a cmucl everytime it requests a page, and kills it
after it's done, so the life of the Lisp process is fairly quick. I
know this is not the most effiecient way to do it, but it is more
secure in the respect that we won't get runaway processes.
I eventually want to make it more persistant, but I have a few issues
to work out before that can be done.
The one caveat is that the code in the pages has to be written with no
malicious intent. In other words someone who has access to the server
and decides to try clhp can basically use anything available in CMUCL
inside their pages. So if one of us were to say fork a process, or do
something malicious, it could halt the server. But this is no more of
a security concern as allowing a user to write CGI scripts in any
Now as an option, you can set up apache so the clhp-handler will only
work in specific directories, say just set it up so it works under
/project/clhp/. That way only my pages could use it. It's really a
matter of trust, do you trust all common-lisp developers to not write
malicious code if they decide to use clhp? Now I would say none of us
want to shutdown the server, so it should be safe. I'd like to see it
eventually available site-wide, since it is quite an easy way to write
dynamic web pages, and being that we're all Lispers, the rest of the
site may like it.
The error handling is somewhat primitive, it gives shoddy reports, but
it runs in batch mode. So it ploghs through as many errors as possible
and exits rather than entering the debugger. Either way, Apache kills
it after the page requst is done, so even if it does enter the
debugger, it will be killed.
So from the design end, I don't see how it can run astray and bring
down the server, of course only testing will prove that. So far I can
just say that my LAN web server has been running CLHP for about a
month with no problems.
More information about the clo-devel