When I ran an ISP, there was no way I'd let users use mod_perl, because mod_perl scripts run with the same rights as the webserver. This means that one user could write a script that read the data of another user. Bad.
PHP has a built in security hack to work around this. All the file manipulation functions check the owner of the target file, and make sure it's the same as the owner of the PHP script. It's a simple hack, but that's why PHP is popular. ISP's will allow people to run PHP scripts that are fast, i.e. part of the apache process. They won't allow the same for perl, python, ruby, or anything else.
Want perl to be on top again for web work? Take mod_perl, fork it, and add that security hack. For total dominance go one step further and have it automatically put useful CGI environment data into global variables (%CGI for GET/POST, %APACHE for apache data, %COOKIES for cookies). Think up an extension for this new type of perl script, perhaps even two of them, one that runs the script directly, and the other that expects HTML with script breakout tags (".fps" for "fast perl script" and ".fph" for "fast perl hypertext" - whatever).
Then you'd have something that's fast, sexy and makes ISP's happy. It's a guaranteed hit.
Slashdot Mirror
--Thott
It's all about security.
When I ran an ISP, there was no way I'd let users use mod_perl, because mod_perl scripts run with the same rights as the webserver. This means that one user could write a script that read the data of another user. Bad.
PHP has a built in security hack to work around this. All the file manipulation functions check the owner of the target file, and make sure it's the same as the owner of the PHP script. It's a simple hack, but that's why PHP is popular. ISP's will allow people to run PHP scripts that are fast, i.e. part of the apache process. They won't allow the same for perl, python, ruby, or anything else.
Want perl to be on top again for web work? Take mod_perl, fork it, and add that security hack. For total dominance go one step further and have it automatically put useful CGI environment data into global variables (%CGI for GET/POST, %APACHE for apache data, %COOKIES for cookies). Think up an extension for this new type of perl script, perhaps even two of them, one that runs the script directly, and the other that expects HTML with script breakout tags (".fps" for "fast perl script" and ".fph" for "fast perl hypertext" - whatever).
Then you'd have something that's fast, sexy and makes ISP's happy. It's a guaranteed hit.
--Thott