|
| <Questions> | jwbozzy asks: this is a test | 13:13 |
| <jeff> | Questions: that's easy! |
| If you would like to ask a question during the forum, send your question to Questions via msg. |
| <dv> | who selects questions? | 13:14 |
| <roblimo> | dv, secret kieretsu |
| <DrBacchus> | They get posted to slashdot, and get modded up or down. |
| <jeff> | Simply /MSG Questions I was wondering what the square root of Pi is. Could you cover that, and also talk a little bit about the value of X? |
| Don't message Questions with anything other than questions for Ken Coar. Anything else gets deleted. Questions are queued and passed on in an orderly fashion by a group of moderators. | 13:15 |
| <Questions> | X-Istence asks: How are you doing today? | 13:16 |
| <X-Istence> | How long? |
| <jeff> | Questions WILL be re-ordered to flow in logical sequence. Questions will likely NOT be asked in the order in which they were submitted. |
| That is all. :) |
| <X-Istence> | how long till it starts? | 13:17 |
| <w32kleza> | I take it the channel will be +m? |
| <X-Istence> | Roger that. |
| <pmcgovern> | starts in 40mins | 13:18 |
| <X-Istence> | Okay :) |
| <LoRez> | BrBourbon? | 13:21 |
| <pmcgovern> | Chat will start in 30mins. | 13:33 |
| Chat will begin in 15mins | 13:44 |
| <KenCoar> | Hrmph! | 13:46 |
| * KenCoar | clears his fingers |
| <roblimo> | Get answers to your toughest Apache questions direct from Apache luminary Ken Coar. A leading author, speaker and Apache visionary, Ken is a core developer of the Apache project , and a vice-president and director of The Apache Software Foundation . He's also the author of Apache Server for Dummies , and a contributing author to Apache Server Unleashed . | 13:50 |
| <KenCoar> | Don't forget Apache Cookbook, just out last November. | 13:52 |
| <Questions> | dv asks: are there any plans to have apache run on BeOS? | 13:58 |
| <KenCoar> | Apache 2.0 already has an MPM for BeOS. | 13:59 |
| As for 1.3.. if it doesn't run there now, it's not likely to be retrofitted. |
| <Questions> | dv asks: can you tell us some linux-specific optimisations to make apache run faster? | 14:02 |
| <KenCoar> | Apache 2.0 already has an MPM for BeOS. |
| As for 1.3.. if it doesn't run there now, it's not likely to be retrofitted. |
| * KenCoar | has a sudden sense of déja vù | 14:03 |
| <pmcgovern> | 2mins | 14:05 |
| <roblimo> | Get answers to your toughest Apache questions direct from Apache luminary Ken Coar. A leading author, speaker and Apache visionary, Ken is a core developer of the Apache project, and a vice-president and director of The Apache Software Foundation . He's also the author of Apache Server for Dummies, Apache Cookbook, and a contributing author to Apache Server Unleashed. | 14:06 |
| Please use #forum.d for (unmoderated) discussion. | 14:07 |
| <Questions> | dv asks: can you tell us some linux-specific optimisations to make apache run faster? | 14:09 |
| * KenCoar | chuckles | 14:10 |
| <jwbozzy> | Ok, lets get started. |
| <KenCoar> | Well, there's a chapter on performance in the Apache Cookbook that Rich Bowen and I just finished writing. |
| I can't think of any Linux-specific ones off the top of my head. Things are *very* situational and depend on traffic patterns. | 14:11 |
| <Questions> | Diablo-D3 asks: Ken, when did you start working on Apache, and what was it like? | 14:12 |
| <KenCoar> | I was first exposed to Apache (which was just the Web server back then) in 1996. I was using NCSA's httpd at the time. After looking at the Web site, I scrounged the eddress of one of the developers and sent him private email asking whether it could do 'x'. | 14:13 |
| He told me 'no'. :-) | 14:14 |
| He also mentioned the development mailing list, but kinda discouraged me from getting on it because 'there were too many lurkers already.' |
| I joined anyway, lurked for a couple of weeks, and then jumped in. I made enough of a nuisance of myself with suggestions and patches that Roy Fielding suggested I be given commit access four months later. | 14:15 |
| It was a much more closely-knit community back then, I think, in part because of the way the development process was handled. | 14:16 |
| <Questions> | liamfoy asks: Thanks for taking your time in answering our questions. I am just wondering what you see next for the apache project ? |
| <KenCoar> | Which part of Apache? It's more than just the Web server now. | 14:17 |
| If you're asking specifically about the Web server, I'm not sure where it'll go next. Not only am I not as active in development as I used to be (or would like to be again), but it's very evolutionary -- it depends on the fiercest of the itches bothering people. | 14:18 |
| Performance and scalability are always good bets. | 14:19 |
| <roblimo> | To ask a question: /msg Questions $your_question | Discussion in #forum.d | 14:20 |
| <Questions> | Morbus asks: with mail servers like sendmail and postfix increasingly having features to block spam and dictionary attacks, do you ever envision Apache having a proactive security stance to SQL or similar forms of GET/POST protection (ala mod_security). |
| <KenCoar> | Certainly. However, what I envision doesn't necessarily have any effect on what will actually happen. :-) | 14:21 |
| Nothing is free; security costs something, just like everything else. Usually it's convenience, but it's also frequently performance. | 14:22 |
| How fool-proof do you want to make it? The MTAs can't keep users of Outbreak Express from opening explosive attachments. |
| A lot of the sensitive issues about the Web have to do with dynamic pages -- which is a different model than email. You have n different people writing the dynamic pages (note that I don't say 'designing' them :-) -- and I think that n+3 of them aren't software developers. | 14:24 |
| So.. yes, I would liek to see (and hope I will) more security awareness and instrumentation and control in the Web server. But it's a moving target and en endless battle. |
| s/liek/like/ | 14:25 |
| <Questions> | wendall911 asks: What do you think about caching utilities like Turck-mmcache, et al and api such as memcached for use in optimizing mod_php and other software used in conjunction with Apache. |
| <KenCoar> | I can't speak to the specifics you mention, but in general I think caching is a good thing. |
| It's not as simple as that, though, because writing a *good* cache system is a very complex task. | 14:26 |
| And it's very easy for major bogosities to creep in -- like caching the wrong stuff. |
| More and more of the content on the Web is dynamic, and most of it either isn't intended to be cached, or can't be cached safely, or the content developers don't know how to include caching instructions as part of their pages. | 14:27 |
| When it's done right, though, it can take a tremendous load off the World Wide Wait. | 14:28 |
| <Questions> | Juanjo asks: 12I would like to have an idea on the number of people involved in the development of the Apache web server. How many of them just code, how many design, etc. Thanks! |
| <KenCoar> | It varies. When it's relatively quiet, there are maybe a dozen people active on the development list. When it's noisy, that number can quintuple. | 14:29 |
| Hang on, let me get a number.. | 14:30 |
| There are currently about 700 eddresses subscribed to the httpd development mailing list (which is where all development happens). | 14:31 |
| Many of those are not developers at all, but just interested parties. |
| Some are developers for organisations that provide after-market support or add-ons for the server. | 14:32 |
| Quite a few are past developers who are currently inactive for whatever reason. |
| When it comes to working out a design, I'd guess there are maybe no more than a dozen people who really get into it. |
| At most. | 14:33 |
| There are about 250 eddresses subscribed to the documentation project list, of which maybe 2^4 are active. At a guess. | 14:34 |
| Many of those are also on the development list; people watching the development in order to update the docco appropriately. |
| <Questions> | geoff asks: Are there any plans to branch the webserver into distinct sub-groups? For example ApacheLite, ApacheXP, ApacheAdvancedServer. It is a safe bet to say that most users of apache don't use all the functionality. |
| <KenCoar> | Not as far as I know, but I'm 'way behind on the development mailing list. I just got back from a long trip and found 34'000 messages in my inbox. :-( | 14:35 |
| However, one od the advantages of the Apache Web server's modular design is that you can mix and match precisely what you want. | 14:36 |
| s/od/of/ |
| So I don't think there's really any need for subprojects of the code. Working groups which focus on the best mix of modules for specific purposes, maybe. | 14:37 |
| <Questions> | dv asks: will apache ever support .NET or is that totally against the apache philosophy? |
| * KenCoar | laughs |
| <KenCoar> | The Apache philosophy is not anti-Microsoft. It's pro-openness. | 14:38 |
| (Again, I assume the question is referring specifically to the Web server.) |
| So if the Web server is to support .NET (about which I know NeXT to nothing), it would probably be done either by someone writing the appropriate modules for it, or a sideways engine like Apache Tomcat. | 14:39 |
| The Perl slogan is, 'there's more than one way to do it.' I suppose one possible Apache slogan would be, 'do it if you want.' | 14:40 |
| :-) |
| <Questions> | kraupu asks: You have just said that you don't have much time to work on Apache project? What is your main job? |
| <KenCoar> | I've been trying to figure that out for the last couple of years. :-D |
| Right now, I spend a lot of time dealing with email. And a lot of time dealing with ApacheCon. | 14:41 |
| And a lot of time dealing with conference presentations. |
| However, my employer pays me primarily to work on solving difficult customer problems and providing consulting internally. |
| They pay for the rest sort as an adjunct. They get a little restive if it appears the customer aspect is getting short-changed. I don't blame them. | 14:42 |
| I don't necessarily *like* it, but I don't blame them. |
| People ask me a lot, 'why do you have so much email?' I get over 2'000 messages a day. A lot of that is spam (googling for my eddress will come up with tens of thousands of hits, thanks to the mailing list archives, so I'm on every spam list ever compiled). | 14:43 |
| A lot of it is mailing list moderation; I moderate dozens of lists. So dealing with the spam load there is an issue. | 14:44 |
| And yes, I use spam tools, like Mozilla's junk controls and SpamAssassin. But those come up with false positives every now and then. | 14:45 |
| So even though they make it easier, there's still some eyeballing necessary. |
| A lot of my mail is just for filing for my later reference or perusal. |
| Oh, and in case anyone is wondering who is busy employing me.. it's IBM. | 14:46 |
| <Questions> | quinlan asks: I believe the structure of a open source project has a large impact on whether or not the project succeeds. What are the biggest strengths and weaknesses of Apache's structure and how has it changed over time? |
| <KenCoar> | H'm. | 14:47 |
| I think one of the biggest strengths is the opportunities provided for just about anyone to participate, and the mutual respect that exists between most of the players. |
| I think one of its weaknesses is a tendency to 'go for the code', potentially sacrificing quality. | 14:48 |
| For instance, before 1998 we used a model called 'review-then-commit' (RTC). |
| Changes were proposed on the mailing list, and they required positive feedback from at least three people who had tested the changes and found them good. | 14:49 |
| While that promotes quality, it can also slow progress. | 14:50 |
| The list of open issues, and the votes-so-far on each one, was maintained by an individual who mailed it out semi-regularly. (Usually weekly.) |
| Two changes have been made here. The first is the introduction of commit-then-review (CTR), which means, 'unless you expect it to be controversial, go ahead and commit whatever you like, and anyone who disagrees can complain afterward.' | 14:51 |
| That speeded up development, but I think some quality was sacrificed. | 14:52 |
| The other change in handling was that the list of open issues stopped being maintained and sent by a person, and instead became a file in the source control system, automatically emailed. |
| The negative aspects of that include that it then became no one person's responsibility to add submissions from new people to the status file, and hence a lot got dropped -- essentially ignored. | 14:53 |
| But back to the question. The procedures we use to handle the development, and the way we interact with each other, are among our greatest strengths. | 14:54 |
| The tendency to be cliquey and exclude outsides is one of our greatest weaknesses. |
| All IMHO, of course. |
| s/outsides/outsiders/ | 14:55 |
| <roblimo> | /msg Questions $your_question |
| <Questions> | DaMouse404 asks: do you see any features in the IIS that you would like in Apache? |
| * KenCoar | chuckles |
| <KenCoar> | I can't really say, since I don't use IIS and didn't realise that it actually had features. | 14:56 |
| <Questions> | w32kleza asks: Are there any plans to continue sharing code between the NCSA Server and Apache? | 14:57 |
| <KenCoar> | I don't think so. To the best of my knowledge, the NCSA httpd has been retired and moribund for years, and the Apache developers have already mined it for interesting ideas. | 14:58 |
| That's mined as in 'dug up', not as in 'blow up'. |
| The Apache httpd project doesn't import any code from NCSA AFAIK, although we owe that project a tremendous debt and vociferously admit it. If there's any life left over there, I don't know if they import any Apache stuff or not. | 15:00 |
| <Questions> | quasi asks: what are the main points in the new license? |
| <KenCoar> | Whoo. Well, let's see. One of the big new points is that it has been reworded so that anyone can apply it to his code without having to change 'apache' to 'myfoo'. | 15:02 |
| Another big point is that it now includes text about patents and similar intellectual property issues, intended to protect both the developers and the users from submarined claims. | 15:03 |
| And probably the third Big Thing in the 2.0 licence is that it includes a contributor licence. That is, if you submit anything to the ASF based on our own code, it's implicitly covered as though you had signed one of our CLAs (Contributor Licence Agreements). | 15:04 |
| For reference, the 2.0 licence is online at http://www.apache.org/licenses/LICENSE-2 .0.html |
| There's a .txt version also for easier inclusion. |
| We clearly acknowledge licence-by-reference now, as well, which means the full text doesn't need to be included in every file; a pointer is sufficient. It always was, but we weren't clear about it. | 15:05 |
| <roblimo> | We're going to cut off questions now... answer ones we have, call it a day... | 15:06 |
| <Questions> | itchyArse asks: How do modules such as mod_dav get brought into the Apache umbrella? Is it by popularity? Or maybe due to a group of peoplethinking it is useful for a large # of people? |
| <KenCoar> | Typically by there being someone who wants to champion it, plus the code being good quality. | 15:07 |
| We're very careful to ensure that any code that comes in has at least one person (preferably more) on the development team who is capable (and willing) of supporting and maintaining it. | 15:09 |
| We don't accept code dumps. |
| Some code won't be accepted no matter what, either because of licensing issues (e.g., GPLed code) or other IP factors, or because the people agitating for it have seriously pissed off all the developers. Which almost assumes that the 'we have a maintainer' requirement isn't being met. :-) | 15:10 |
| <Questions> | dwa asks: How does it feel like to beat a costy webserver like IIS, despite all the efforts of Microsoft (think of advertising and so on) to push IIS through? | 15:11 |
| <KenCoar> | In a word: great! | 15:12 |
| However, we don't have the goal of beating anyone. Our goals are quality and scratching our itches. It just happens that those two seem to beat commercial goals like an arachnophobe beats a spider. | 15:13 |
| He just can't help himself. |
| :-) |
| <roblimo> | Thank you all for participating. That's it for today -- we're out of time. | 15:14 |
| We now return to our regularly scheduled (whatever) |
| <KenCoar> | (Don't forget to buy Apache Cookbook! Take two, they're small! ;-) |
| <weebl> | Slashnet would like to thank Ken Coar, roblimo and the Slashdot crew for this forum. | 15:15 |
| I personally would like to thank my fellow Slashnet Opers for helping too. | 15:16 |
| * jwbozzy | bows | 15:17 |
| <KenCoar> | is the channel closed? | 15:18 |
| <weebl> | no it's not |
| <jwbozzy> | Not anymore. |
| <Dessimat0r> | <> |
| .::::. |
| <Diablo-D3> | woo |
| <jwbozzy> | it is now open discussion. |
| <jeff> | KenCoar: you're welcome to stick around and talk with folk. |
| <Dessimat0r> | @\\/W\/\/W\//@ |
| \\/^\/\/^\// |
| <roblimo> | KenCoar, worse. It's OPENED! | 15:19 |
| <jeff> | KenCoar: or you can leave now while you still can. up to you. :) |
| <wendall911> | KenCoar: Thank you. |
| <Diablo-D3> | I bet jwbozzy.... jesus |
| <KenCoar> | thanks, jeff! |
| <jeff> | KenCoar: in any event, thanks! :) |
| <vegas> | clap clap clap clap clap |
| <Diablo-D3> | KenCoar: thanks man |
| <KenCoar> | Thenkew, thenkew. |
| <diminished> | KenCoar: Maybe you can make us a discount for the (Apache Cookbook) book? :D |
| <X-Istence> | KenCoar: What are future projects the Apache group might be working on? |
| <liamfoy> | yeah cheers |
| <Xcalibor> | this question got unaired, maybe KenCoar will answer it?: YAWS is a web server written in Erlang that has an incredible power to process petition thanks to Erlang's impressive concurrency capabilities. Is there any plan to enhance Apache's multithreading by moving to message passing style instead of POSIX/OS threads, or is this too difficult to introduce now into Apache? |
| <diminished> | hehehe |
| * liamfoy | nods at discount | 15:20 |
| * KenCoar | can now resume its normal identity and mode of speech |
| <liamfoy> | probably rich anyway ;) |
| <dv> | �3,6batman touched my junk liberally. he strapped me in to his batmobile and he couldnt keep his offensive hands off of me. he was performing many red flag touches. i couldnt believe what the fuck was going on. i told batman the city would not approve of a millionare touching an underage kid for free.� Go Ken!! |
| <KenCoar> | gag. channel nicklocked. |
| <jwbozzy> | I knew it. |
| <weebl> | heh you beat me on that one jw |
| <jwbozzy> | yeah, that is to prevent nick floods |
| <Marc> | /msg Questions has anybody ever seen a problem where a post request is expected with parameters, but apache receives it as a GET with no parameters? |
| <Dessimat0r> | <> | 15:21 |
| .::::. |
| @\\/W\/\/W\//@ |
| \\/^\/\/^\// |
| _\_O_<>_O_/_ |
| / ' ' ' ' ' '\ |
| <Diablo-D3> | lol |
| <liamfoy> | God damn kids |
| <KenCoar> | kline that bugger.. |
| <jwbozzy> | I love children. |
| <Diablo-D3> | Woah nugget was here |
| <Xcalibor> | yup.. |
| <Diablo-D3> | nugget gets around |
| <KenCoar> | they're good roasted. |
| <X-Istence> | KenCoar: What are future projects the Apache group might be working on? |
| <mhnoyes> | KenCoar: mhnoyes wanted to ask: When will we see better W3C XSL-FO 1.0 Standard support in FOP? Specifically, table and programlisting elements in DocBook XML/XSL to PDF conversions. |
| <liamfoy> | they are americas economy ;) |
| <DrBacchus> | X-Istence: It's called the Incubator. incubator.apache.org |
| <Xcalibor> | KenCoar, any change Apache will get concurrency instead of classical multithreading? | 15:22 |
| <Diablo-D3> | KenCoar: what are the changes of apache httpd caching perl bytecode without mod_perl? |
| KenCoar: er, chances |
| <DrBacchus> | weebl: Oh, you're going to post a log? |
| <dv> | ok |
| <KenCoar> | 'k, back to cases. discounts: i have no control over that. your best bet is to buy through someplace like amazon which already has a good discount. like through http://tinyurl.com/iwwi |
| <jeff> | DrBacchus: we always do. |
| <dv> | sorry. |
| <DrBacchus> | cool. |
| <Diablo-D3> | jwbozzy just keeps getting cooler | 15:23 |
| <jeff> | DrBacchus: it'll be linked from slashnet.org for certain, and usually slashdot.org catches it in a slashback. |
| <weebl> | Log will be posted to www.slashnet.org i'm sure |
| <DrBacchus> | ok |
| <vegas> | KenCoar, any chance mod_security will be included into apache one day ? |
| <jwbozzy> | Yes. |
| <Dave2> | damn US times messing everything up :P |
| <KenCoar> | mhnoyes: re fop: i don't know. you need to ask on the fop mailing list. |
| <mhnoyes> | KenCoar: thx. Will do. | 15:24 |
| <KenCoar> | vegas: that would be nice. as usual, it would need an advocate/champion. i'm personally in favour. mostly, anyway. |
| Diablo-D3: perl bytecode.. i think essentially nil. |
| <Diablo-D3> | Wow |
| <Xcalibor> | that's almost Lisp ;-) |
| <DrBacchus> | That's kinda what mod_perl is for. Why would you need it outside of mod_perl? |
| <Diablo-D3> | sf.net cant do mod_perl. |
| <KenCoar> | Xcalibor: you mean parallisation? |
| <Diablo-D3> | Thats why I asked |
| <KenCoar> | bugger.. | 15:25 |
| <rindolf> | We're flooded |
| <jwbozzy> | its ok. |
| <Diablo-D3> | Jesus christ. |
| <diminished> | *yawn* |
| <s0ren> | yeesh |
| <X-Istence> | i am with ken on this. |
| * jeff | sets +a |
| <Xcalibor> | KenCoar, yes |
| <diminished> | Kiddies. |
| <Diablo-D3> | There should be a law against this |
| <jwbozzy> | WebServ can handle it. |
| <Diablo-D3> | <Diablo-D3> sf.net cant do mod_perl. |
| <weebl> | heh |
| heh |
| <Diablo-D3> | Thats why I asked. |
| * KenCoar | tries to recapture where the hell it was |
| <Xcalibor> | massive paralellization, so it can stand a DoS more easily.. |
| plus serve processes more easily | 15:26 |
| <Dave2> | woo. |
| <DrBacchus> | Surely that's something sf.net needs to fix, not apache? |
| <X-Istence> | KenCoar: What do you think the futur holds for the Apache group? |
| <Diablo-D3> | DrBacchus: its an apache scalability issue, actually |
| <Rossi27530> | o |
| <Diablo-D3> | DrBacchus: supposibly apache2 doesnt have that issue, but sf.net isnt ready to switch to apache2 yet, or something like that |
| <KenCoar> | Xcalibor: if you're talking about parallelisation in the classic 'decompose this operation so that multiple cpus can attack its separate subparts,' i don't think that's likely to happen any time soon, if at all. the last time i brought it up, i got laughed off my chair. |
| <Diablo-D3> | KenCoar: didnt some scifi author think that up? | 15:27 |
| <Xcalibor> | KenCoar, oh... |
| <Diablo-D3> | parallelisation is more like the borg if anything |
| <wendall911> | KenCoar: sounds like a perfect project then ;) |
| <KenCoar> | anyone who asked a question i haven't answered (i've got yours, X-Istence), please re-post it.. |
| <tierra|w> | KenCoar, do you have any knowledge of the progress with the perchild MPM? |
| <KenCoar> | Diablo-D3: think what up? | 15:28 |
| <Diablo-D3> | KenCoar: 'decompose this operation so that multiple cpus can attack its separate subparts,' |
| <Xcalibor> | KenCoar, I was talking more towards using lighter processes than pthreads/apr threads, like Erlang's message-passing concurrency... |
| <Diablo-D3> | KenCoar: it sounds like a bad scifi plot against some AI bad guy ;) |
| <KenCoar> | Diablo-D3: probably. most things were. |
| <Dave2> | decompose their operations! you will not survive! | 15:29 |
| does a bit... |
| <Diablo-D3> | heheh |
| all your operations are belong to us! |
| <DrBacchus> | Suggestion: If you like Erlang, use it. |
| <KenCoar> | X-Istence: future of the apache group.. you realise that the apache group refers to just the web server project/ |
| ? |
| <Diablo-D3> | well, doesnt the apache group plan to do more things? |
| <X-Istence> | KenCoar: yes, what do you think the future holds in store for it? | 15:30 |
| <Diablo-D3> | KenCoar: Id like to take the time to say apache rocks. |
| jeff++ |
| <KenCoar> | Xcalibor: there have been discussions about fibres, but i don't know where they stand. bear in mind that the web server runs on over 100 different platforms, so you're essentially talking about a new mpm. if someone wants to write it, cool! |
| <DrBacchus> | Diablo-D3: The "more stuff" that Apache is doing is in the incubator. http://incubator.apache.org/ | 15:31 |
| <KenCoar> | Diablo-D3: thanks. send it me in email and i'll forward it. |
| <Xcalibor> | KenCoar, I see, you are right... thanks :) | 15:32 |
| <KenCoar> | DrBacchus: that's the asf stuff, not the httpd stuff mostly. |
| <diminished> | xpK_ needs to be banned -- he/she is spamming. |
| <DrBacchus> | He asked ASF. I thought. Sorry. |
| <Diablo-D3> | incubator looks cool | 15:33 |
| <KenCoar> | Diablo-D3: the group will work on whatever itches the current developer-set is suffering. the set changes over time, and almost all httpd development is evolutional rather than by design. |
| <Diablo-D3> | KenCoar: well, I was thinking more along the lines of web dev related stuff |
| * KenCoar | wishes the irc modes were less cryptic, so it would have a clew about what''s being done |
| <Diablo-D3> | +s is secret | 15:34 |
| <jeff> | irc worms love to join -s channels and spam. don't follow the link spammed, and you won't get a copy of a nice Windows worm. |
| <KenCoar> | web dev or web dav? |
| <Diablo-D3> | dev, as in development |
| in specific, non-application specific website frameworks and such |
| (wow, thats bad english) |
| <X-Istence> | I have yet to find a good page that lets me know why Apache HTTPD 2.x was rewritten from scratch. | 15:35 |
| <jeff> | KenCoar: irc is quite cryptic at times, yep.+s is "secret". it does a few things, including making the channel not appear in the output of a /LIST command. Lots of irc worms spread by joining channels seen in /LIST and spamming the members with a url that exploits an MSIE flaw to comprimise their Windows machine, etc, etc. |
| <KenCoar> | i don't think the httpd group would get involved in that; they're interested in http servers, not site dev. as for the asf instead of the httpd project.. i think there are already a few projects in that area. |
| <tierra|w> | KenCoar, do you have any knowledge of the progress with the perchild MPM? | 15:36 |
| <DrBacchus> | X-Istence: Because things that we wanted to do could not be done with the existing codebase. | 15:37 |
| <X-Istence> | ah |
| <KenCoar> | tierra|w: thanks, i knew someone had asked about that. no, i have no specific knowledge -- i *do* know that there's a lot of demand for it, but apparently none of the developers are interested in it right now. the solution is to find someone who's interested in it, get it subscribed to the dev list and submitting patches to it, and all will benefit. |
| <DrBacchus> | X-Istence: There were fundamental design changes that required us to start over. |
| <X-Istence> | ah, thanks. | 15:38 |
| <KenCoar> | DrBacchus is correct. things like different ways of addressing the scaling issue, the ability to chain modules so they could transform each other's output, etc. |
| <kraupu> | KenCoar, what OS do you use? :-) |
| <X-Istence> | KenCoar: you might be the wrong person to ask, but why is mod_php still unstable when used with Apache HTTPD 2.x? | 15:39 |
| <KenCoar> | i use linux (red hat) for development and playing, and what writing i can do there; w2k for email (my employer's email system as well as mine), graphix work like photoshop, and the writing that must be done in msword; and os x for play. |
| <X-Istence> | or is this a PHP development problem |
| <jeff> | X-Istence: ask the php folk. ;) | 15:40 |
| X-Istence: but in personal experience, i've seen very little to no problems with php running under apache 2.x |
| <KenCoar> | X-Istence: to the best of my knowledge, it's perfectly stable if you use the prefork mpm. |
| if you use any of the others, there are reentrancy and thread-safety issues. |
| <jeff> | ah. good point. my statement above applied to my use of php with the preform mpm. |
| <Diablo-D3> | isnt apache 2.x rated for mission critical apps now? |
| <quasi> | Diablo-D3: we certainly know setups that use it for that | 15:41 |
| <KenCoar> | Diablo-D3: certainly. but you have to work within the technological constraints. | 15:42 |
| if the libc people had been able to find a clew in ye olden days, much of this would be a no-brainer. personally, i think the non-reentrant code is inexcusable; we knew how to do better even then. | 15:43 |
| <Diablo-D3> | which libc people? | 15:44 |
| the ancient bsd-ish ones, or the modern ones? |
| <KenCoar> | both. think of any libc function that maintains its own context, and it's a perp. |
| <jwbozzy> | Heh. | 15:45 |
| <Diablo-D3> | Well, yeah, all libc functions should be fully reentrant |
| Im surprised thats not like a posix or c99 requirement or something |
| Like, an anti-stupidity stopgap measure or something | 15:46 |
| <X-Istence> | whats reentrant mean? |
| * KenCoar | decides to plug more of its stuff, like the book |
| <quasi> | yeah, buy more books! | 15:47 |
| <X-Istence> | i should go out and get the Apache Cookbook once i got some cash. |
| <boris> | KenCoar: how does your employer reacts |
| <KenCoar> | X-Istence: re-entrant means that two (or more) different execution threads can have active calls to the function at the same time without screwing each other up. such as a signal handler that gets invoked in the middle of a function. |
| <boris> | to this conversation? |
| <jeff> | with a channel full of 88 other folk, and with the official forum over, i was hoping you would take advantage of that to plug more things. ;) |
| <Diablo-D3> | X-Istence: it can be executed in odd situations, like multiple concurrent threads, and not bork eachother |
| damn, Ken beat me |
| <KenCoar> | http://CafeShops.Com/meepzor (esp. http://CafeShops.Com/meepzor/220638) | 15:48 |
| <X-Istence> | So a lot of them bork each other, as they try to write to the same memory space? |
| <Diablo-D3> | something like that |
| <KenCoar> | yep. lots of lib routines have static storage. |
| <Diablo-D3> | its all race situations, anyhow |
| <jwbozzy> | X-Istence: or they hold their own internal state | 15:49 |
| doh. |
| <Diablo-D3> | so its.. uh.. "undefined behavior"? |
| * jwbozzy | punches enter key |
| * KenCoar | tries to think of one.. there are tonnes, and some particularly obnoxious ones |
| <hobbit> | strtok()? |
| <KenCoar> | bingo. |
| <Diablo-D3> | KenCoar: what stops us from using our own libc? |
| <X-Istence> | So basically, to get better performance libc would have to be rewriten or an alternative used. |
| <jwbozzy> | sanity. |
| <Diablo-D3> | does glibc 2.3.x have this problem? | 15:50 |
| <KenCoar> | for one thing, the api is already defined -- so you'd have to have new names for the functions. |
| <Diablo-D3> | KenCoar: apachec_foo() ;) |
| <KenCoar> | some work has already been done on that, and the re-entrant versions suffixed with '_r' (e.g., strtok_r()) |
| <Diablo-D3> | or afoo()? |
| ahh, not namespace switch, okay |
| <X-Istence> | does C++ have this same problem? | 15:51 |
| i would assume so. |
| <Diablo-D3> | probably. |
| * KenCoar | flinches violently |
| <jwbozzy> | Yes. |
| since C++ uses the same libc |
| and just wraps around it in most cases. |
| <Diablo-D3> | KenCoar: what happens if you use the re-entrant version on an app that wasnt ment for it? |
| * KenCoar | lost the thread and looks for it |
| <KenCoar> | ah. | 15:52 |
| <jwbozzy> | I wouldn't think there would be an effect, Diablo-D3 |
| it should work the same, shouldn't it? |
| <Diablo-D3> | well, would it actually cause problems? |
| <jwbozzy> | Unless, for some wizardly reason, you are attempting to access some of the internal state static variables or some crap? |
| <X-Istence> | So possibly a group should get together and rewrite libc so that it works fine. |
| <saturn> | you would have to rewrite the app to pass the state around between functions |
| <KenCoar> | boris: well, i don't think my employer knows about this particular conversation -- although istr that the invitation to do this thing came from pat mcgovern through someone at ibm, and i got it in official channels. |
| <Diablo-D3> | X-Istence: cant | 15:53 |
| <X-Istence> | why not? |
| <KenCoar> | boris: as for what i say.. well, i'm an open developer first and an ibmer second. if the two ever come into conflict, i resign from ibm -- simple as that. they know that. |
| <Diablo-D3> | X-Istence: apparently, its apart of the specification |
| KenCoar: man, you rock |
| * jwbozzy | just thought of extern int errno; and how thread safe it is :) | 15:54 |
| shudders |
| <Diablo-D3> | well... uh... |
| <KenCoar> | the foo() and foo_r() apis are not identical, since the latter have to provide for the caller to maintain the context that the former keep themselves. |
| <Diablo-D3> | er... |
| * hobbit | senses qmail flamewar coming :) |
| <Diablo-D3> | jwbozzy: oww. |
| <jwbozzy> | :) |
| <KenCoar> | jwbozzy: heh. errno is a weird case. |
| <X-Istence> | hobbit: why a qmail war? |
| <jwbozzy> | KenCoar: how would you get around that? |
| <KenCoar> | hang on, brb | 15:55 |
| <jwbozzy> | k |
| <saturn> | the qmail guy rewrote huge portions of libc, right? |
| <hobbit> | X-Istence: qmail has a big problem with "extern int errno" on newer versions of glibc. Nevermind. |
| no, he has his own api |
| <Diablo-D3> | well |
| <boris> | KenCoar: i wish we have such employers here in Estonia (well govt just sold our souls to M$). Anyway, you have seen Apache developement for something like 8 yrs, where do you think it's going? |
| <hobbit> | much nicer, but completely incompatible |
| <X-Istence> | hobbit: ah, i use qmail on BSD. |
| <Diablo-D3> | completely rewriting the error system |
| <hobbit> | qmail is OT here |
| <X-Istence> | yeah yeah. | 15:56 |
| <KenCoar> | back |
| istr that the thread libraries manage to finesse errno into a thread-local cell. i don't recall how. | 15:57 |
| <jwbozzy> | sounds like it involves evil. |
| <KenCoar> | lol |
| boris: you mean the web server, or the apache foundation as a whole? | 15:58 |
| <Diablo-D3> | errno was a mistake |
| I think that all functions should return the error state |
| <boris> | Apache Web Server development |
| <Diablo-D3> | and you pass a pointer to a pointer to the function for it to fill it |
| <boris> | as a whole. How active it is? | 15:59 |
| is it becoming more active or passive? |
| <jwbozzy> | Diablo-D3: agreed. |
| * KenCoar | nostalgicates about VMS' error and exception handling, which was a think of beauty twenty years ago and still stands out as something no other system has yet come close to attaining (afaik) |
| <Diablo-D3> | I wish I could write a system that elegant =/ | 16:00 |
| <KenCoar> | boris: right now i think it's quieting down. i also think that within nine months something will crop up that will get everyone (and then some) all excited again. |
| Diablo-D3: you familiar with it? |
| <Diablo-D3> | Heh |
| KenCoar: no, but Ive heard stories |
| * KenCoar | started working with vms in 1978 | 16:01 |
| <Diablo-D3> | I wasnt even born yet in 1978 |
| <boris> | KenCoar: do you expect something *very* special to come out, or is it already around the corner? |
| * KenCoar | has d&d characters from before even then | 16:02 |
| <KenCoar> | boris: i don't know what it will be. that's part of the evolutionary aspect of the project; cosmic rays strike unexpectedly and mutations crop up. |
| <Diablo-D3> | KenCoar: how many times have you ascended in nethack? | 16:03 |
| <KenCoar> | none; i never really got into that. i do, however, have the original source of ADVENT (also with my own hacks and enhancements to it) | 16:04 |
| * Diablo-D3 | worships KenCoar | 16:05 |
| <KenCoar> | lol! |
| <diminished> | hehe |
| <kraupu> | :) |
| <Diablo-D3> | Ive never been able to ascend in nethack | 16:07 |
| I get screwed by the fact that they really _have_ thought of everything |
| <diminished> | KenCoar: What WM do you use in Linux? | 16:08 |
| :-D |
| <Diablo-D3> | thats assuming he uses linux |
| <diminished> | He does. |
| <Diablo-D3> | he could be a bsd-er |
| Hes defenetly got the unix beard going on |
| All he needs to do is change his name to eric, and he'll fit right in ;) |
| <diminished> | Diablo-D3: He stated before that he uses Redhat. | 16:09 |
| <KenCoar> | red hat. i use gnome and enlightenment. |
| <Diablo-D3> | heh, g+e... otherwise known as eyecandy |
| <diminished> | I see. |
| <Diablo-D3> | KenCoar: Im like on the complete other end of the spectrum then you | 16:10 |
| I use debian with openbox and no desktop environment |
| <KenCoar> | ahhh? how so? kde and sawfish? |
| <boris> | KenCoar: does Apache _run_ on win32? |
| <liamfoy> | freebsd and fluxbox for me:) |
| <X-Istence> | KenCoar: I have to ask this, what is your favorite server operation system? | 16:11 |
| <drdink> | Has anybody done any benchmarks comparing Apache with/without accf_http.ko on FreeBSD? |
| <KenCoar> | boris: yep. |
| X-Istence: linux for most things. t64u for a very few. |
| <X-Istence> | what distro? | 16:12 |
| <Diablo-D3> | I hope not redhat on a server | 16:13 |
| <boris> | KenCoar: is there any advantage of using Apache on win32, except that... i don't know any advantages of using win32 :( |
| <KenCoar> | red hat. it's with what i'm most familiar. |
| * Diablo-D3 | dislikes rpm based distros |
| <KenCoar> | sorry, Diablo-D3. |
| <Diablo-D3> | KenCoar: I need to get you hooked in debian ;) | 16:14 |
| s/in/on/ |
| <X-Istence> | nah, FreeBSD :P |
| <KenCoar> | boris: sure. if it's all you've got, or you need things peculiar to windows (asp, etc.) |
| <X-Istence> | ports system is a good selling point :P |
| <Diablo-D3> | X-Istence: one step at a time, dude |
| X-Istence: we dont want to kill him |
| * KenCoar | has had baaaaad experiences with ports |
| <X-Istence> | Diablo-D3: nah, immediate switch, give him a nice heart attack :P |
| KenCoar: hmm, what kind of bad experience, i have yet to have a bad experience with em. | 16:15 |
| * jwbozzy | would like to hear about this too. |
| loves ports |
| <X-Istence> | i switched a few servers from red hat to FreeBSD on a corporate network, and immediatly i got a few calls asking me why the server was suddenly so fast, as if it was some sort of mistake. |
| <Diablo-D3> | yeah, I wanna hear too |
| <JThundley> | aww I missed the end of it | 16:16 |
| <KenCoar> | endless dependency chasing, required bits that weren't in the port, ... |
| <jwbozzy> | oh really? |
| <JThundley> | oh nevermind, hi Ken! |
| <jwbozzy> | hmm. |
| <X-Istence> | KenCoar: how long ago was this? |
| <Diablo-D3> | X-Istence: lol |
| <jwbozzy> | I've never had that happen in the last 3 years |
| <Diablo-D3> | I didnt have that ever happen either |
| Nor have I heard of anything like that |
| <KenCoar> | oh, maybe 2000 |
| <X-Istence> | The ports tree has all the dependencies for all apps, if it doesnt, or fails to compile, it will be set as broken, and you wont be able to compile it | 16:17 |
| <Diablo-D3> | yeah, what X said |
| <KenCoar> | two things i *had* to get working: socks and ssh. both were a pain. |
| <X-Istence> | untill port maintainer fixes it. |
| SSH is in the base system. |
| <jwbozzy> | you installed ssh from ports? no wonder :) |
| <Diablo-D3> | I thought they took ssh out? |
| <KenCoar> | wasn't back then, iirc. 3.0 |
| <jwbozzy> | oh. |
| yeah. |
| ok. that is a long time ago :) |
| <X-Istence> | Ah, get up to date Ken :P. |
| <Diablo-D3> | wow 3.0 is old | 16:18 |
| <X-Istence> | Old School BSD :P |
| <KenCoar> | it was new then.. |
| <jwbozzy> | KenCoar: you are not going to believe this, but they are up to 5 now ;) |
| <Diablo-D3> | hah |
| <jwbozzy> | :P |
| <X-Istence> | FreeBSD Dragonflame.Network.Home 5.2-RELEASE FreeBSD 5.2-RELEASE #1: Mon Jan 12 19:51:48 EST 2004 xistence@Dragonflame.Network.Home:/usr/o bj/usr/src/sys/DRAGONFLAME i386 |
| <Diablo-D3> | jwbozzy: they might catch up to redhat at this rate |
| <jwbozzy> | NAh. | 16:19 |
| redhat just moved to 8 month support schedule. |
| <KenCoar> | Rotational greetings, JThundley |
| <JThundley> | :) |
| <jwbozzy> | that wont happen. |
| <Diablo-D3> | ouch |
| Im glad I use debian |
| <X-Istence> | KenCoar: Its nice to see someone like you interacting with users of the software you head. |
| <Diablo-D3> | I never have to care about version numbers |
| I just apt-get update && apt-get upgrade once a week while using sid |
| <X-Istence> | Diablo-D3: cd /usr/ports; make cvsup; portupgrade -fRra | 16:20 |
| :P |
| <Diablo-D3> | X-Istence: same difference |
| <X-Istence> | update ALL software. |
| <JThundley> | I hate to ask this kind of question, but does anyone know why my apache2 server takes forever to be brought up? I have mod_php installed, nothing else weird, the stable Gentoo ebuild. |
| <Diablo-D3> | JThundley: sounds funky | 16:21 |
| <JThundley> | it is Diablo-D3, even when I send it a HUP it does this |
| <Diablo-D3> | JThundley: nothing in the log? |
| <JThundley> | when it doesn't work there is one process, and then 10 minutes later it spawns the other 10 |
| <hobbit> | strace it :) |
| <JThundley> | nope |
| <KenCoar> | JThundley: how many vhosts? |
| <JThundley> | just one that I know of |
| strace eh? |
| <X-Istence> | yeah: strace /path/to/httpd | 16:22 |
| <JThundley> | oooh, I'll try that right now, thanks X-Istence! |
| <diminished> | KenCoar: What college/university did you go to? :) | 16:23 |
| (Just wondering) |
| <KenCoar> | university of massachusetts | 16:24 |
| but i never completed my degree |
| <Diablo-D3> | KenCoar: not mit? |
| <KenCoar> | nope |
| nor even rpi |
| <cdlu> | Amherst? |
| <liamfoy> | KenCoar, more self taught? |
| <KenCoar> | cdlu: aye | 16:25 |
| <cdlu> | cool |
| <KenCoar> | liamfoy: indeed |
| <liamfoy> | KenCoar, interesting. |
| <Diablo-D3> | wow |
| <cdlu> | I had a friend at UMass Amherst from highschool (Northfield, MA) and we used eachother to tunnel through down university internet connections with the help of internet 2. very handy. :) |
| <Diablo-D3> | self taught people rock |
| <JThundley> | Diablo-D3, so true | 16:26 |
| <liamfoy> | You notice alot of successful open-source projects and there members seem to be self-taught, which is interesting indeed. |
| <X-Istence> | i tought myself most of my knowledge |
| <diminished> | I assume (most) of us are self taught? |
| <KenCoar> | the internet didn't exist yet when i was at university. |
| <X-Istence> | at 15, you have to. |
| <liamfoy> | Some people are born with it I suppose, the tendancy to be good with numbers and logical outlooks. |
| <cdlu> | straw poll: who here has started, but not finished, university (and is no longer attending)? |
| * cdlu | raises hand |
| <diminished> | X-Istence: hehe, yeah. I'm in that age right now ;P | 16:27 |
| <liamfoy> | Am only 16, but I plan to start soonish ;) |
| <X-Istence> | most people think i am older than that |
| <KenCoar> | we had the arpanet and a bunch of mail networks like.. damn, what was the one out of udel? |
| * KenCoar | fondly remembers the ncp/tcp-ip flag day |
| <liamfoy> | KenCoar, how did you teach yourself ? like did you have certain ways etc? |
| <hithere> | fidonet? |
| <JThundley> | X-Istence, strace failed to compile: autoconf: Undefined macros :( |
| <diminished> | JThundley: Don't use Gentoo. | 16:28 |
| <KenCoar> | ooh, is that from a port? |
| * KenCoar | hides |
| <JThundley> | :O blasphemy! |
| let's leave it at that diminished. |
| <diminished> | JThundley: Gentoo is for people who like to wait. |
| <X-Istence> | yeah, gentoo sucks. |
| <diminished> | ;) |
| * JThundley | doesn't want to scare KenCoar away |
| <KenCoar> | liamfoy: basically, if i found something that interested me, i'd read whatever i could find about it, and play with it all i could. |
| <X-Istence> | KenCoar: that is how i broke FreeBSD at least 600 times now :P | 16:29 |
| <diminished> | lol |
| <KenCoar> | i have the NOS System Programer's Instant around here somewhere.. |
| plus four inches of fanfold of emacs-for-vms-under-eunice, which i used to hack | 16:30 |
| <liamfoy> | KenCoar, didnt IBM basically give you a job because of your links with apache? |
| <Diablo-D3> | Im self taught, btw |
| except that didnt help me much |
| Im currently without a job |
| <JThundley> | jwbozzy, could you invite eth1r and alc6379 please? alc6379 isn't connected yet. |
| they are from #justlinux on irc.freenode |
| <KenCoar> | liamfoy: i don't think it was because of my looks.. :-) | 16:31 |
| <Diablo-D3> | KenCoar: they ph33r the unix beard. |
| <KenCoar> | liamfoy: or do you mean there's no other reason they would have hired me? |
| * KenCoar | hasn't shaved the beard since 1986 | 16:32 |
| <Diablo-D3> | your beard is almost as old as me! |
| Im only like 3 years older than it |
| <KenCoar> | well, i wore it for several years before i shaved it that time. | 16:33 |
| <liamfoy> | No I mean, without a degree, theoretically you could be joe bloggs of the street asking IBM for a job as they dont know. So am gathering they seen your links with apache and snapped you.. |
| <diminished> | KenCoar: Your beard is older than me :) |
| <liamfoy> | only than me also heh |
| <Diablo-D3> | diminished: hah |
| <diminished> | :-D | 16:34 |
| <KenCoar> | ah |
| <Diablo-D3> | KenCoar: Im surprised you dont nethack |
| <KenCoar> | as i used to tell manoj, 'i've got d&d characters older'n you!' |
| <Diablo-D3> | Though, Im glad you dont, it means you might actually be doing work ;) |
| * liamfoy | nods at stopping making KenCoar feel old ;) |
| <vegas> | KenCoar, did u hear about a possible 0day for apache 1.3.x ? if so are you aware of the vuln it exploits ? | 16:35 |
| <Diablo-D3> | 0day... 1.3.x? |
| vegas: do you even know what cvs is? |
| <vegas> | do you even know what a 0day is |
| <liamfoy> | now now boys :) | 16:36 |
| <KenCoar> | no, i don't |
| but ignorance is curable |
| <vegas> | i guess |
| <Diablo-D3> | KenCoar: 0day is a warez term meaning the warez version was released the same day the software was | 16:37 |
| <liamfoy> | KenCoar, have you contributed to any other projects excluding apache? |
| <Diablo-D3> | KenCoar: of course, this doesnt apply to open source software, especially ones that use cvs (et al) |
| <vegas> | Diablo-D3, thats what i thought u dunno what it is |
| <Diablo-D3> | KenCoar: *cough*vegas-is-an-idiot*cough* |
| <vegas> | you're making a fool of yourself actually |
| <grithan> | someone send diablo-d3 back to freenode, he is stinking up the place | 16:38 |
| <X-Istence> | last i checked there was one fool here, i just forgot who. |
| <Dave2> | Do you mean 0day exploit? |
| <Diablo-D3> | And on ignore you go. Wave byebye now. |
| <Dave2> | Or something? |
| <vegas> | a 0day is an exploit that hasn't been released oficially not the vuln it exploits |
| <liamfoy> | Who cares? |
| <grithan> | implying that exploits go through an 'official' release cycle... |
| <vegas> | i don't |
| <Dave2> | heh |
| <vegas> | Diablo-D3, was just aggrssing be for no reason |
| <KenCoar> | the exploit of a vulnerability that has been there from the beginning? |
| <Dave2> | SSH CRC vuln v0.6 alpha | 16:39 |
| <vegas> | old school |
| <grithan> | 0day exploit usually means an exploit that is out in the wild among a few people but has not yet received publicity or the attention of developers as being a problem |
| <Diablo-D3> | I think people are too paranoid about exploits, btw |
| <vegas> | grithan, or developpers are just not aware of the vuln | 16:40 |
| <Diablo-D3> | Apache has hundreds of exploits no one knows about yet |
| <liamfoy> | I think its a boring topic. |
| <KenCoar> | Diablo-D3: s/has/may have/ |
| <Diablo-D3> | Well, maybe hundreds is too big. Dozens? |
| <vegas> | Diablo-D3, but the vuln it exploits are known |
| <quinlan> | 0day is a word used by poser script kiddies who trade in so-called "vulns" |
| <Diablo-D3> | KenCoar: I go by has. I know they exist, Im just not sure of how many. |
| KenCoar: or what they are, too. |
| <grithan> | 0day was originally a warez term |
| <quinlan> | hi KenCoar |
| <vegas> | true grithan | 16:41 |
| <KenCoar> | liamfoy: not substantially. i've got a few here and there, and maybe half a dozen projects on sourceforge. plus the ones on my own systems. |
| Rotational greetings, quinlan |
| <grithan> | as in, 0day warez on a bbs when a game is available on a bbs for download before its official release date, etc |
| <Diablo-D3> | KenCoar: the more complex software like apache is, the more bugs/misfeatures/whatever can be used as exploits |
| KenCoar: apache scales up there on the complexity scale |
| <quinlan> | This is quite the education going on here. |
| <KenCoar> | Diablo-D3: and i'm not sure they exist. they probably do, but it's not a certainty. we may have stamped the last one. and that TRACE foolishness doesn't count. |
| <liamfoy> | KenCoar, nice. |
| <Dave2> | "misfeatures"? |
| <grithan> | you mean the more lines of code you write might mean you make more mistakes?! |
| wow, what a concept... something an experienced developer would never think of | 16:42 |
| <vegas> | ok s/0day/unreleased exploit that uses an unknown vuln |
| happy Diablo-D3 ? |
| anyway ive had my answer.. |
| <Diablo-D3> | KenCoar: Heh, I cant prove they exist, but there has to be atleast one more out there |
| <KenCoar> | it's all fractal anyway. | 16:43 |
| <Diablo-D3> | KenCoar: no software is exploit free, not even apache. |
| <vegas> | vuln free* |
| <liamfoy> | KenCoar, is there any extensive(technical) documentation on apache apart from comments in the code ? |
| <X-Istence> | yeah, but only qMail has a $500 security gaurantee |
| <grithan> | Diablo-D3, I'm sure this conversation is more informative for kencoir then years of coding experience | 16:44 |
| <KenCoar> | vegas: correct. i can't say i'm aware of any current unclosed vulnerabilities. that doesn't mean i do or don't know, just that i can't say. :-) |
| <grithan> | Diablo-D3, congratulations, dumbass |
| <Diablo-D3> | KenCoar: though, Ill give you guys this, it may be the most exploit free software out there ;) |
| <vegas> | KenCoar, i dunno if it exists for real or not actually, thats why i asked |
| <X-Istence> | Diablo-D3: i guess you havnt heard of qmail? | 16:45 |
| <grithan> | or postfix :P |
| <Diablo-D3> | grithan: if years of coding experience ment something, why does <insert your favorite app> still suck? |
| <vegas> | let him google |
| <X-Istence> | postfix i wont mention how Venema slanders DJB. You can go read up on that, and see how DJB is STILL correct. | 16:46 |
| <grithan> | Diablo-D3, I'm simplying pointing out how 'noise' like telling a contributor to a successful network service software project with a good security record that security bugs might exist in millions of lines of code, I'm sure they are quite aware of it and do their best to prevent it |
| <Diablo-D3> | grithan: I know KenCoar and crew does | 16:47 |
| thats why people use it |
| its secure, fast, and mostly unsucky. |
| * grithan | remembers why he never uses freenode anymore |
| goes to do something productive |
| <vegas> | you're so right grithan |
| <X-Istence> | Tis the first time i come by :P. Wanted to see what this guy ken was all about :) | 16:48 |
| <Diablo-D3> | X-Istence: well, now you know hes a demi-god |
| <KenCoar> | liamfoy: there are books and articles, and a little bit of stuff at http://httpd.apache.org/dev/ |
| <phlebas> | KenCoar, do you ever intent to make Apache httpd to be some sort of application-server, or, for example, capable of using a database engine as source for pages to show ? (sort of that DocumentRoot could point to db instead of directory) |
| <Diablo-D3> | X-Istence: now go buy his books or something |
| <KenCoar> | X-Istence: some people think i don't exist. |
| <Dave2> | He's an AI |
| * Dave2 | nods |
| <Diablo-D3> | phlebas: you could code that yourself, you know |
| <X-Istence> | KenCoar: well, you do a good job of hiding behind that beard of yours :P | 16:49 |
| <Diablo-D3> | phlebas: dig out a little perl, and taadaa |
| <X-Istence> | Diablo-D3: you got some cash, ill go get his books :) |
| <KenCoar> | phlebas: *i* certainly have no such intention. that's all possible now through modules. many of my sites are almost completely dynamic pages built from templates and database records using mod_php. |
| <Diablo-D3> | KenCoar: which brings me back to something I said earlier, would the apache group ever pick up a generic website building framework? | 16:50 |
| like, perl's cgi.pm on steroids | 16:51 |
| <phlebas> | KenCoar, yep. Thats what i wanted to know. Many http-servers try to be everything and it just doesent seem right .. |
| <KenCoar> | Diablo-D3: the web server project wouldn't ever do so, in my estimation, but another part of the foundation might. some may have already, in fact. cocoon, tomcat, ... |
| <phlebas> | Diablo-D3, yes, i know, made a few completly dynamic sites with php (urg), but the point of the question was not that .. |
| <Diablo-D3> | phlebas: ahh, you mean just straight built in support? | 16:52 |
| <phlebas> | Diablo, yes |
| <Diablo-D3> | phlebas: you probably could just have a mod provide it |
| KenCoar: Ive never looked at either of those before... *goes and looks* |
| KenCoar: btw, the projects and mentors link on the incubator website points to a 404 | 16:53 |
| KenCoar: who should I email? | 16:54 |
| <X-Istence> | webmasteR? |
| <liamfoy> | Anyway am out, KenCoar thanks again for taking your time you answer our questions. |
| Bye. |
| <Diablo-D3> | X-Istence: isnt a link to him |
| <X-Istence> | Diablo-D3: best bet: webmaster@<fqdn> |
| <vegas> | KenCoar, same question as for mod_security, do you guys concider including mod_webdav into apache ? |
| <Diablo-D3> | X-Istence: I never rely on that |
| <X-Istence> | Diablo-D3: worth the try :P | 16:55 |
| <vegas> | mod_dav* |
| <KenCoar> | Diablo-D3: you can send it to me and i'll forward, or you can join general@incubator.apache.org and sent it there. |
| <Diablo-D3> | KenCoar: okay | 16:56 |
| <X-Istence> | KenCoar: can i have your email to add it to my adress book so you can get fantastic windows worms just like me? J/K, ThunderBird aint as stupid, and FreeBSD dont like windows apps. |
| <KenCoar> | vegas: we already have mod_dav bundled in 2.0, and available for 1.3. | 16:57 |
| <vegas> | ok im not up2date then |
| <KenCoar> | X-Istence: it's no secret; an instant's googling would find it: coar@apache.org would do |
| <Diablo-D3> | KenCoar: sent |
| yeah, its on his website |
| <KenCoar> | vegas: if you're on 1.3, check out http://webdav.org/ | 16:58 |
| <X-Istence> | KenCoar: ah, thanks. |
| <vegas> | thats the way i did it :) |
| webdav is gonna become a real good feature of apache to me |
| <Diablo-D3> | cocoon looks very cool | 16:59 |
| KenCoar: wow, you must make a killing with all the ways you have to make money | 17:00 |
| <KenCoar> | if anyone is silly enough to look for me later, i tend to hang out in #apache on freenode -- but i'm in there even when i'm not in front of my screen. 'seen RoUS' will make the bot tell you. | 17:01 |
| Diablo-D3: what do you mean? |
| <Diablo-D3> | KenCoar: "Speaking Engagements" and "Referrals" |
| KenCoar: btw, you may want to update your website to read irc.freenode.net instead of irc.openprojects.net | 17:02 |
| <KenCoar> | i make a little money from my amazon affiliation (us$200/year, maybe). i make more from my books and articles (one just came out in acm). i don't get much from referrals any more, and i generally speak for expenses. |
| Diablo-D3: heh. |
| all told, with the book advances, it's probably no more than about us$15'000 a year. | 17:03 |
| <Diablo-D3> | irc.openprojects.net doesnt even resolve anymore, btw |
| $15k a year is nothing to sneeze at for an open source developer type. | 17:04 |
| <KenCoar> | fixed. ta. |
| heh. it ain't gravy. i *work* for that, and hard. | 17:05 |
| <Diablo-D3> | thats $15k a year more than I, and most everyone else, is making. |
| <KenCoar> | got a family to support? | 17:06 |
| that provides some motivation. :-) |
| <Diablo-D3> | no |
| <X-Istence> | KenCoar: thank you for your time. It was a pleasure meeting you :) |
| <Diablo-D3> | heh |
| * KenCoar | laughs good-naturedly |
| <KenCoar> | no problemo |
| <X-Istence> | unlike some people i know, you got a sense of humor. | 17:07 |
| <Diablo-D3> | X-Istence: sense... of humor? whats that? |
| wow, amd gave you a box | 17:08 |
| amd rocks |
| KenCoar: so you're irish? | 17:09 |
| <diminished> | Hence the beard. What did you think? :P | 17:10 |
| <KenCoar> | celtic, certainly. |
| <Diablo-D3> | Im irish too |
| And Im also going afk. |
| <KenCoar> | family oral history says more scots |
| <Diablo-D3> | afk. |
| KenCoar: thanks for your time, btw |
| <KenCoar> | np | 17:11 |
| * KenCoar | looks around at the 50+ lurkers still.. um.. lurking | 17:12 |
| <X-Istence> | KenCoar: once you leave they all leave :OP |
| <diminished> | Indeed. |
| <KenCoar> | well, *that's* weird | 17:13 |
| <Dave2> | Be glad everyone's lurking...it could be worse... |
| (how, I'm not quite sure...) |
| <hobbit> | well, some of us just don't speak English good enough to participate | 17:14 |
| but it's always nice to meet an experienced developer |
| <KenCoar> | heh. language issues is one of the things i touched on in my acm article. | 17:16 |
| <X-Istence> | KenCoar: what languages do you speak? | 17:17 |
| <KenCoar> | bliss, c, fortran, apl, perl, php, ... |
| <diminished> | hehe |
| <KenCoar> | oh! you mean wetware languages? |
| <X-Istence> | haha, yes indeed :P | 17:18 |
| <KenCoar> | english and a smattering of french and russian. |
| <X-Istence> | i like that reply though. |
| <kyon> | Hey lurking is fun :) |
| <KenCoar> | curiously enough, it's a group activity. | 17:19 |
| i mean, who lurks alone? |
| <kyon> | Argh, i am not lurking anymore... whoops. |
| <KenCoar> | and is that even lurking? |
| <kyon> | Hmm, this sounds like one of those 'alone in a forest' type things... I always answered "who cares" |
| Dead silence... | 17:22 |
| <eth1r> | shhh |
| you're spoiling it |
| <kyon> | IIS always owned apache |
| * kyon | runs |
| * X-Istence | runs after kyon and shoots an MP5 | 17:23 |
| <KenCoar> | poor little mp5, what did it ever do to you? |
| <X-Istence> | it didnt work, but my desert Eagle did. | 17:24 |
| * j0nkatz | keeps waiting for kde3 to build |
| <kyon> | So, what is this linux thing i hear about? Is it a screensaver? |
| * X-Istence | walks over to kyon and hits him in the face not once, but several times :P | 17:25 |
| <kyon> | Haha... ok ill stop acting retarded :) |
| <X-Istence> | im off, which i said i would be a few minutes ago | 17:26 |
| KenCoar: Once again, thanks :) |
| <KenCoar> | sho' | 17:27 |
| <kyon> | KenCoar: what would be the best way to break into the OO world? I have done alot of projects, business and personal alike, but not anything in the open source community... |
| <KenCoar> | oo? object oriented? or do you mean open software? | 17:28 |
| <kyon> | err... free/open |
| haha, sorry am not thinking clearly |
| <KenCoar> | 'sokey. well, do you *use* any open software now? |
| <kyon> | Yes. I've learnt my fair share, i can admin a debian GNU/linux station, and i've messed with OpenBSD | 17:29 |
| as well as the apps, like sendmail/bind/etc. Just never done any programming outside of mingw |
| or visual studio, heh. | 17:30 |
| <KenCoar> | okey, well, are there any of them that have a bug that particularly bugs you? or are missing a feature you really miss? |
| <kyon> | I'm sure there are, i've run across many in the time i've used free software | 17:31 |
| try and fix/extend a project myself? and submit it as a patch? | 17:33 |
| <Makaveli> | KenCoar: You talked about your "acm article", where can I read this article? |
| <KenCoar> | pick one of the smaller ones, find out where it's hosted, find out what the mailing lists are, get on one or more, lurk for a couple of weeks to see how things are done. get the source, figure out how to do what you want it to do, and make a patch and submit it. | 17:34 |
| meantime, build up a thick skin and remember that *no-one* was born knowing all this stuff. so if someone gives you a hard time or looks down on you, remember that. |
| <kyon> | Ok. |
| I shall... By submit a patch, you mean to the mailing list? | 17:35 |
| <KenCoar> | kyon: however that project handles patches. that's why you lurk for a while first. |
| <kyon> | ah, i see. |
| 'tis a valid strategy... :) Thanks. | 17:36 |
| <KenCoar> | Makaveli: try http://tinyurl.com/2l5bt | 17:37 |
| <kyon> | Thanks for your help... I have to run... see you around kencoar :) | 17:40 |
| <KenCoar> | cheers |