Earl Hood wrote:
Assuming that he choose to let incoming messages update the archive
instantly, the reduced load on the server that mod_perl makes possible
would fit well, wouldn't it?
And how would incoming messages be piped in automatically? If you
are implying some HTTP method, this can be very insecure. The only
way to do this securely is to have mhastart.pl accessible only via
an SSL connection and password access. A client (maybe written in
LWP) could be written that connects via HTTPS, and sends the proper
username/password with the message. Of course, the access to client
itself would need to be protected to avoid someone getting access
to the password.
Do you mean that invoking MHonArc from a script run under mod_perl
requires a higher security level than when invoked from a CGI script?
In the end it's of course up to each user to choose based on an
evaluation of potential risks in the light of the nature of the archive,
supplementary backup procedures etc.
/ Gunnar
--
Gunnar Hjalmarsson
Email: http://www.gunnar.cc/cgi-bin/contact.pl
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV
