Re: [WebDNA] WebDNA future

This WebDNA talk-list message is from

2010


It keeps the original formatting.
numero = 104460
interpreted = N
texte = First, thanks for the comments. christophe.billiottet@webdna.us wrote: >> With sandboxes, an admin has the ability to limit how a user can interact with the rest of the server, particularly with DOS,SHELL,Applescript, file paths et al. Has this sort of thing been addressed with the fastCGI app that will most likely run in virtual host situation? I don't know of anyone that will want to install an app in a shared host enviro that will have the ability to fish around the entire server. Knowing Jaz though, I'm guessing he has already thought of this and addressed this.?? It seems like the only solution there is relative paths only, as not all domains will have different user and groups. > > The fastCGI has shell access if the administrator provides shell access to the user. On the contrary to the module version which needs the same permissions as apache (to be able to interact with apache files), a CGI runs with a single website permissions. This allows a webmaster to limit the range of the application, which will not be allowed to interact with other websites files. This greatly improves the security compared to the module. Chris, can you explain what you mean by "if an admin provides shell access to the user"? That is what WebDNA does... so not sure what you mean. >> Contrary to what was said, there *are* many who still use commands.. mostly because there are many who run SiteBuilder stores (which use commands). Now, I personally think SiteBuilder is outdated and needs an upgrade, particularly replacing the commands with contexts... However, the fact remains that it is functional, people use it, people make money with it, and yes, if done right, it can be secure. I know people use commands because I have worked on some of those sites. If commands are to be taken out of all the versions of WebDNA, those sites are dead in the water without reworks and the SiteBuilder product becomes a dead product without a rework. >> (Fine with me if that is the case, but significant none the less to quite a few, and something people may want a heads up on) > > this is why we will deliver a 6.2.1 module version. We are also working on the SiteBuilder. O.K., it's just still unclear to me what the module app type will look like. Will it still contain all the stuff that is going away in the fastCGI app type? >> Also, I personally utilize a lot of the (extended) features of the module based app.. globals and sandboxes in particular.. so I personally don't want to see those go away in the module-based app. > > Because of the very core of the fastCGI, there will be no need for globals or sandboxes: every single website owner will have full control over his WebDNA fastCGI copy, license included. No need for a "part" administration, or a central repository of functions. > > - chris--------------------------------------------------------- O.K., but if you notice, I was talking about the module-based app. Will it still contain a globals directory? Thanks, Donovan -- Donovan Brooke WebDNA Software Corporation http://www.webdna.us **[Square Bracket Utopia]** Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] WebDNA future (Jym Duane 2010)
  2. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  3. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  4. Re: [WebDNA] WebDNA future (Donovan Brooke 2010)
  5. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  6. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  7. Re: [WebDNA] WebDNA future (Bob Minor 2010)
  8. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  9. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  10. Re: [WebDNA] WebDNA future (Govinda 2010)
  11. Re: [WebDNA] WebDNA future (Dan Strong 2010)
  12. Re: [WebDNA] WebDNA future (Donovan Brooke 2010)
  13. Re: [WebDNA] WebDNA future (Bob Minor 2010)
  14. Re: [WebDNA] WebDNA future (Donovan Brooke 2010)
  15. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  16. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  17. Re: [WebDNA] WebDNA future (Dan Strong 2010)
  18. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  19. Re: [WebDNA] WebDNA future (Brian Fries 2010)
  20. Re: [WebDNA] WebDNA future (Govinda 2010)
  21. Re: [WebDNA] WebDNA future ("Terry Wilson" 2010)
  22. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  23. Re: [WebDNA] WebDNA future (Donovan Brooke 2010)
  24. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  25. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  26. Re: [WebDNA] WebDNA future ("JD Ready" 12:4)
  27. Re: [WebDNA] WebDNA future ("Terry Wilson" 2010)
  28. Re: [WebDNA] WebDNA future (Donovan Brooke 2010)
  29. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  30. Re: [WebDNA] WebDNA future (Brian Fries 2010)
  31. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  32. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  33. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  34. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  35. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  36. Re: [WebDNA] WebDNA future (Kenneth Grome 2010)
  37. Re: [WebDNA] WebDNA future (Rob 2010)
  38. Re: [WebDNA] WebDNA future (Donovan Brooke 2010)
  39. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  40. Re: [WebDNA] WebDNA future (Bob Minor 2010)
  41. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  42. Re: [WebDNA] WebDNA future (Donovan Brooke 2010)
  43. Re: [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
  44. [WebDNA] WebDNA future (christophe.billiottet@webdna.us 2010)
First, thanks for the comments. christophe.billiottet@webdna.us wrote: >> With sandboxes, an admin has the ability to limit how a user can interact with the rest of the server, particularly with DOS,SHELL,Applescript, file paths et al. Has this sort of thing been addressed with the fastCGI app that will most likely run in virtual host situation? I don't know of anyone that will want to install an app in a shared host enviro that will have the ability to fish around the entire server. Knowing Jaz though, I'm guessing he has already thought of this and addressed this.?? It seems like the only solution there is relative paths only, as not all domains will have different user and groups. > > The fastCGI has shell access if the administrator provides shell access to the user. On the contrary to the module version which needs the same permissions as apache (to be able to interact with apache files), a CGI runs with a single website permissions. This allows a webmaster to limit the range of the application, which will not be allowed to interact with other websites files. This greatly improves the security compared to the module. Chris, can you explain what you mean by "if an admin provides shell access to the user"? That is what WebDNA does... so not sure what you mean. >> Contrary to what was said, there *are* many who still use commands.. mostly because there are many who run SiteBuilder stores (which use commands). Now, I personally think SiteBuilder is outdated and needs an upgrade, particularly replacing the commands with contexts... However, the fact remains that it is functional, people use it, people make money with it, and yes, if done right, it can be secure. I know people use commands because I have worked on some of those sites. If commands are to be taken out of all the versions of WebDNA, those sites are dead in the water without reworks and the SiteBuilder product becomes a dead product without a rework. >> (Fine with me if that is the case, but significant none the less to quite a few, and something people may want a heads up on) > > this is why we will deliver a 6.2.1 module version. We are also working on the SiteBuilder. O.K., it's just still unclear to me what the module app type will look like. Will it still contain all the stuff that is going away in the fastCGI app type? >> Also, I personally utilize a lot of the (extended) features of the module based app.. globals and sandboxes in particular.. so I personally don't want to see those go away in the module-based app. > > Because of the very core of the fastCGI, there will be no need for globals or sandboxes: every single website owner will have full control over his WebDNA fastCGI copy, license included. No need for a "part" administration, or a central repository of functions. > > - chris--------------------------------------------------------- O.K., but if you notice, I was talking about the module-based app. Will it still contain a globals directory? Thanks, Donovan -- Donovan Brooke WebDNA Software Corporation http://www.webdna.us **[Square Bracket Utopia]** Donovan Brooke

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Emailer on NT! (1998) price on detail, but not shoppingcart (1997) Multiple fields on 1 input (1997) WebDNA on Intel Mac? (2006) WebCat2final1 crashes (1997) RE: Major Security Hole IIS NT (1998) Authenticate (1997) WC 2.0 frames feature (1997) hideif/showif causes error if wrapped around searches (2003) extending webcatalog (1997) WebCat2b15MacPlugin - [protect] (1997) [OT] Security in general [Was] WebDNA security (2004) Pgp&emailer (1997) can WC render sites out? (1997) Another question (1997) Multiple prices (1997) Math inside [showif] (1998) Web Logs (1998) includes and cart numbers (1997) Find one not all, code not working (2003)