Subject: RE: CVS commit: src/libexec/httpd
To: Karsten Kruse <tecneeq@gmx.net>
From: De Zeurkous <zeurkous@nichten.info>
List: source-changes
Date: 10/17/2007 22:30:33
Haai,
On Wed, October 17, 2007 00:08, Karsten Kruse wrote:
> Mindaugas R. schrieb:
>
>[snip]
>>> Import of bozohttpd for its originally intended purpose: a small (~30k)
>>> simple run-from-inetd httpd suitable for small systems (and some large
>>> ones).
>
> This httpd works fine with NetBSD and is only ~1,5 k:
>
> #!/bin/sh -e
>
> # httpd.sh - Very small webserver
> # Karsten Kruse 2004 2005 www.tecneeq.de
>[snip script]
This approach has multiple issues:
1) It's typical shell code. I can identify loads of problems with the coding
style affecting actual execution; some of them form well-known security
holes that are trivial to exploit;
2) Does not approach nor exceed the capabilities of bozohttpd;
3) Interpretation causes excessive CPU load.
As for points 1 and 3: I'm currently working on it. However, in the mean
time, we'll have to take a more conservative approach.
> MFG,
>
> Karsten Kruse
>
> --
>
> ()
> <\/> GPL-guy: "Argh, they used my code! :-/"
> _/\_ BSD-guy: "Cool, they used my code! :-)"
Ha!
Baai,
De Zeurkous
-----------
Friggin' Machines!