[Info-vax] Apache + mod_php performance
Dan Cross
cross at spitfire.i.gajendra.net
Fri Oct 11 17:29:34 EDT 2024
In article <vec4sb$3qc1e$1 at dont-email.me>,
Dave Froble <davef at tsoft-inc.com> wrote:
>On 10/11/2024 1:45 PM, Dan Cross wrote:
>> In article <vebjse$3nq13$1 at dont-email.me>,
>> Dave Froble <davef at tsoft-inc.com> wrote:
>>> On 10/11/2024 9:30 AM, Dan Cross wrote:
>>>> [snip]
>>>> As I gather, on VMS the analogous mechanism works since a) every
>>>> socket on the system is associated with a unique device name in
>>>> some global namespace, and b) once known, an unrelated process
>>>> can $ASSIGN that device name, subject to authorization checking
>>>> enforced by the system. The authorization checks seem to be
>>>> either, a) a process/subprocess relationship, or b) the
>>>> assigning process has the SHARE privilege; it's not clear to me
>>>> what else could go into those checks and how that interacts with
>>>> e.g. SO_SHARE; presumably at least UIC checks or something must
>>>> be completed?
>>>
>>> The share flag is for the device.
>>
>> Ok, sure. But does that mean that there's _no_ authorization
>> checking of any kind to access the device? For example, no
>> checking UICs or ACLs or something? If I set SO_SHARE on a
>> socket, can _any_ process on the system, regardless of who it is
>> running as, access that socket?
>
>Dan, it's been quite a while, so I'd have to research that question.
>
>If I had to guess, I'd expect all VMS protections and such to be respected. I
>doubt one could just go out and access any BG device without having access.
I should hope so, Dave, but as it is, it looks under
documented at best.
- Dan C.
More information about the Info-vax
mailing list