We've expanded our news coverage and improved our search! Visit
news.oreilly.com for the latest or search for all things across O'Reilly!
Article:
 |
|
Creating Easy-to-Deploy Unix Applications for OS X
|
| Subject: |
|
good point but... |
| Date: |
|
2003-10-26 04:34:36 |
| From: |
|
anonymous2
|
|
|
|
I like this article, and agree with the main gist of what it says -- as a longtime Mac user who eventually went through the Unix school of hard knocks (Unox?), I see it from both perspectives. But, since the article makes a few references to network applications, I think it would also be prudent to keep in mind some of the security reasons that many traditionally Unix-based web applications use external components rather than providing an integrated all-in-one solution.
While the author makes a case for alternative, and more lightweight, HTTP servers, one of the reasons to stick with Apache is simply its resilience to most HTTP-based attacks. That's not to say that other servers like Twisted are insecure, but Apache is heavily scrutinized and monitored since so many sites are using it. The same is true of heavyweight database servers like Oracle -- obviously it's overkill for a low-key nonprofit wiki to have the user purchase Oracle9i (or perhaps even to install and configure [My|Postgre]SQL), but these database servers are more reliable for network applications that need security protections.
Also, the suggestion of offering a web page for users to configure the application is a good one, but a local-only UI for doing this would be better. By default Apache cannot serve its configuration files since they are outside of the document root (or name-blocked such as ".htaccess"), but the tradeoff is that the files cannot be edited via the web.
Just a few thoughts.
|
