Re: CGI, semicolons, and so on...

Fisher Mark <>
Reply-To: tcemail!
Date: Thu, 30 Dec 93 08:20:00 PST
From: Fisher Mark <>
Subject: Re: CGI, semicolons, and so on...
To: www-talk <>
Message-id: <2D2302D4@MSMAIL.INDY.TCE.COM>
Encoding: 37 TEXT
X-Mailer: Microsoft Mail V3.0
Content-Length: 2353

From what I see (which is a bit cloudy with only an email Internet 
connection), most WWW servers contain only public data so far.  If the Web 
spreads like we all hope that it will, eventually there will be servers that 
serve some or all data that should be access restricted.  This will probably 
be the case with our servers once we have an IP Internet connection, as we 
plan to use WWW & WAIS for a reference document repository.  The ability to, 
at will, change any script into a file by subtracting a ';' makes me 
nervous.  My suspicion is that there will be more cases where you do not 
want to serve scripts as files than there will be cases of wanting to serve 
scripts as files as the Web grows and gains commercial entities as servers. 
 The opacity or virtualization of the present scheme is nice, as the user of 
the URL does not have to concern her or himself with whether it represents a 
physical file or it is data created on the fly -- he or she just uses it. 
 As someone who lost work time due to the Internet worm, I favor having as 
much security as I can while still being able to share the data I want to 

As far as the overhead for a single stat() call, I think that it is pretty 
small in the scheme of things.  Why even try writing a server in Perl, an 
interpreted language (which I love), if you need to worry about the overhead 
of a single stat() call?  Why even write one in C or C++ rather than 
assembler if a single stat call() can make the difference between a server 
with good response time vs. a server with poor response time?  The reason 
that programming languages have been getting higher and higher level as time 
passes is that human time (designing, writing, debugging, enhancing) gets 
more and more expensive relative to computer time.  If a script is going to 
be served often enough that one stat() call is significant, it should 
probably become its own service (like finger or ftp), with a direct, 
hardwired WWW gateway.
Mark Fisher                            Thomson Consumer Electronics           Indianapolis, IN

"Just as you should not underestimate the bandwidth of a station wagon
traveling 65 mph filled with 8mm tapes, you should not overestimate
the bandwidth of FTP by mail."