Re: New module proposal: gnome-user-share

From: Lennart Poettering <mztabzr 0pointer de>
To: desktop-devel-list gnome org
Subject: Re: New module proposal: gnome-user-share
Date: Fri, 24 Oct 2008 20:58:53 +0200

On Fri, 24.10.08 20:14, Josselin Mouette (joss debian org) wrote:

> Le vendredi 24 octobre 2008 à 12:53 -0400, David Zeuthen a écrit :
> > As I said, it's clear to me that Apache does meet our goals here. If you
> > want to propose something else, the burden is on you to provide evidence
> > that what you propose is not only reasonably secure, but also have good
> > processes in place for dealing with vulnerabilities.
> 
> The last times it happened, it seemed to me that lighttpd developers
> have good processes when it comes to security.
> 
> One other thing to consider wrt. security is the code size, and apache
> binaries are about twice as large.
> 
> There are of course other advantages with using lighttpd, such as less
> memory footprint, better performance and a much more flexible
> configuration scheme; it may not be necessary for gnome-user-share, but
> it’s much less error-prone and that’s another possible cause of bugs.
> 
> Contrary to what the name suggest, lighttpd is not just a lightweight
> web server, it is a powerful and complete implementation used by some of
> the biggest websites.

I don't think that this kind of FUD about Apache is very
constructive. Just because lighttpd has a "light" in its name it
doesn't mean that Apache is a slow huge beast. That is nonsense.

Apache is modular. You can decide what you want to use and what
not. It's easy to configure Apache in away that it is perfectly
suitable even for embedded use -- and I doubt it would be much slower
or more resource-hogging than any other httpd.

So, unless you have rational arguments, i.e. real numbers how much
"faster" and "lighter" and "less error-prone" lighttpd actually is
then all the noise about lighttpd (or Cherokee) is just noise. And
even if Apache was a bit slower, you get so much more for it when it
comes to functionality and well-tested-ness. Also Apache is available
in each distro and well understood.

Please, think twice before blindly believing that something is oh such
much lighter or oh so much faster just because some people who wrote
it like to use the word "lightweight". Let's stay rational!

There are good reasons to eventually adopt gsoup for this stuff. But
there is no benefit at all in adopting Cherokee/lighttpd over Apache.

Especially since the Apache support is already there, it is written.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net         ICQ# 11060553
http://0pointer.net/lennart/           GnuPG 0x1A015CC4

Follow-Ups:
- Re: New module proposal: gnome-user-share
  - From: Josselin Mouette
- Re: New module proposal: gnome-user-share
  - From: Patryk Zawadzki

References:
- New module proposal: gnome-user-share
  - From: Bastien Nocera
- Re: New module proposal: gnome-user-share
  - From: Patryk Zawadzki
- Re: New module proposal: gnome-user-share
  - From: Bastien Nocera
- Re: New module proposal: gnome-user-share
  - From: Frederic Peters
- Re: New module proposal: gnome-user-share
  - From: Josselin Mouette
- Re: New module proposal: gnome-user-share
  - From: David Zeuthen
- Re: New module proposal: gnome-user-share
  - From: Josselin Mouette

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]