[Info-vax] Apache + mod_php performance

[Craig A. Berry]

On 10/11/24 12:45 PM, Dan Cross wrote:
> In article <vebjse$3nq13$1 at dont-email.me>,
> Dave Froble  <davef at tsoft-inc.com> wrote:
>> On 10/11/2024 9:30 AM, Dan Cross wrote:
>>> [snip]
>>> As I gather, on VMS the analogous mechanism works since a) every
>>> socket on the system is associated with a unique device name in
>>> some global namespace, and b) once known, an unrelated process
>>> can $ASSIGN that device name, subject to authorization checking
>>> enforced by the system.  The authorization checks seem to be
>>> either, a) a process/subprocess relationship, or b) the
>>> assigning process has the SHARE privilege; it's not clear to me
>>> what else could go into those checks and how that interacts with
>>> e.g. SO_SHARE; presumably at least UIC checks or something must
>>> be completed?
>>
>> The share flag is for the device.
> 
> Ok, sure.  But does that mean that there's _no_ authorization
> checking of any kind to access the device?  For example, no
> checking UICs or ACLs or something?  If I set SO_SHARE on a
> socket, can _any_ process on the system, regardless of who it is
> running as, access that socket?

$ show device/full

on any BG device shows normal-looking device protections just as you
would see on any other device, e.g.:

Dev Prot    S:RWPL,O:RWPL,G:RWPL,W:RWPL

I don't think socket sharing is a privilege any more than file sharing
is; more likely it's just a hint to the driver that it needs to do extra
work to keep its internal state consistent when two processes are
accessing it.

There is an old Ask-the-Wizard article about socket sharing that uses a
mailbox to send the BG device name to the child process:

https://forum.vmssoftware.com/viewtopic.php?f=35&t=3511&p=7513

The example code sends UCX$C_SHARE using the QIO interface rather than
SO_SHARE and setsockopt(); I'm guessing it amounts to the same thing but
I can't find current relevant documentation for either.