Tony Marston wrote:
""Richard Lynch"" <ceo@xxxxxxxxx> wrote in message
news:2918.67.184.122.32.1165189075.squirrel@xxxxxxxxxxxxxxxx
On Sun, December 3, 2006 5:22 am, Tony Marston wrote:
""Richard Lynch"" <ceo@xxxxxxxxx> wrote in message
news:63703.209.254.223.2.1165095595.squirrel@xxxxxxxxxxxxxxxx
On Sat, December 2, 2006 5:31 am, Tony Marston wrote:
I think it is quite possible for a sysAdmin to configure
AllowOverride
and .htaccess in such a way that "too much" latitude is granted to
their clients to access each others' data...
I disagree. What directives can give you access to other people's
data?
I believe I once managed to track down a bit of data using
FollowSymlink for a client that wasn't available otherwise.
In our case, it was data they actually had a legal/moral right to see,
but technical snafus were in the way.
Presumably all the other combinations of AllowOverride are not there
just for the sheer fun of complexity by the Apache team.
I'm betting that at least some of them have security trade-offs in
mind, and are not just about random features nor performance.
And there is alleged to be a significant performance loss to
.htaccess, so a hurried sysAdmin may have over-simplified their
decision process...
"Alleged" is the word. Where are the figures to support this? While
there is
"some" performance loss, with the speed of today;'s PCs can this
really be
considered as "significant"?
I don't have benchmarks.
Do you?
No, otherwise I would have quoted them. Generally speaking when people say
that "X is inefficient or bad for performance" all they can prove is that if
something extra is done then it takes extra processing time to perform that
extra work, and they usually quote from an out-of-date source. While the
time taken for Apace to process an htaccess file may have been significant
on a 1Mhz processor it is barely noticeable on a 3Ghz processor.
If the time taken to process an htaccess file on one of today's processors
adds 0.000001 seconds to a page's load time, would that be regarded as
"significant"? Would this be a small price to pay for the advantage of being
able to change Apache's configuration with an htaccess file?
It would depend on your site as well. If you have a lot of directories,
apache has to go from the bottom to the top of the site to see if there
are any htaccess files along the way..
Whether that causes a noticeable performance difference I doubt it (but
then again I'd argue that a site with a huge directory structure would
need a bit of a redesign anyway).
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php