[mod_python] Anti-mod_python discrimination

Ron Alford ronwalf at umd.edu
Thu Feb 26 17:20:57 EST 2004

David McNab wrote:

> But I would really like to know what concerns shared web host admins 
> have about mod_python. Are there real security issues, whereby a 
> malicious python web app could do nasty stuff to 'neighbour'
> accounts, or to the server itself? Or is there just a 'fear of the
> unknown' issue? Or have hosting providers been fed some FUD along the
> way?

These arguments are probably true of all mod_*, but here are some
reasons I wouldn't want to have untrusted users using mod_python:
1) You need to have seperate interpretters per user.  Import hooks,
module versions, and other things can all play havoc with other users.
This really isn't such a big deal.  Default is what, interpretter per
virtual host?

2) Can't make use of apache threading.  It would be really easy to
import a .so module and cause the entire server to segfault.  I've even
done this with the standard library before (though my bug was heinous).

3) Remember that you're part of the same process as apache.  Anything
apache has stored in ram, and anything apache can touch is accessible to

Given the last problem, if I were to host untrusted users and give them
access to mod_python, I would have an apache server per user running
under their account.

Going this far, I'd probably go a little further and just give them
their own virtual linux box.

And as I've gone that far, I'll just put in a plug for

They've given me relatively cheap hosting on a nice box.  I get to do
with it as I please, and it's as reliable as I could wish for.


More information about the Mod_python mailing list