Subject: Re: Modlisp for newbies by a newbie
From: rpw3@rpw3.org (Rob Warnock)
Date: Sat, 17 Jun 2006 05:42:35 -0500
Newsgroups: comp.lang.lisp
Message-ID: <wbWdneKccsgGQQ7ZnZ2dnUVZ_qOdnZ2d@speakeasy.net>
Blaine <jillandblaine@hotmail.com> wrote:
+---------------
| Rob Warnock wrote:
| > Looks useful! Do you know how hard it is to get it to work with
| > local-domain (a.k.a. Unix-domain) sockets (AF_LOCAL or AF_UNIX)?
| > Many people prefer to use that when the Lisp process is on the
| > same server as Apache, to avoid the risks of having yet another
| > AF_INET socket open (the "port 3000" in your example).
| 
| Alas, I have no idea what you're talking about, but it does sound like
| something I need to know.  My colleague has a big stack of Apache books
| on her desk.  I'll check it out.
+---------------

Local-domain sockets are an operating-system thing rather than an
Apache thing per se, though an Apache module may certainly use them.
With a local-domain socket, both ends of the connection can *only*
be on the same system, and the filesystem namespace is used for
rendezvous rather than IP addresses/ports. See the manpage "unix(4)"
[on BSD, "unix(7)" on Linux]:

    The UNIX-domain protocol family is a collection of protocols
    that provides local (on-machine) interprocess communication
    through the normal socket(2) mechanisms. The UNIX-domain family
    supports the SOCK_STREAM and SOCK_DGRAM socket types and uses
    filesystem pathnames for addressing.
    ...
    Binding a name to a UNIX-domain socket with bind(2) causes a
    socket file to be created in the filesystem.  This file is not
    removed when the socket is closed -- unlink(2) must be used to
    remove the file.
    ...
    Normal filesystem access-control mechanisms are also applied
    when referencing pathnames; e.g., the destination of a connect(2)
    or sendto(2) must be writable.

Because of this, you can arrange that only local (same machine)
client programs with specific UIDs or GIDs (e.g., Apache, if you
so choose) can connect to your server.

The following may be helpful as well:

    http://www.gnu.org/software/libc/manual/html_node/Local-Namespace.html
    http://www.gnu.org/software/libc/manual/html_node/Local-Namespace-Concepts.html


-Rob

p.s. Hmmm... Oops! I just looked at <http://www.fractalconcept.com:8000/
public/open-source/mod_lisp/mod_lisp2.c>, and it doesn't appear to support
local-domain sockets. Oh well, never mind... (*sigh*)

-----
Rob Warnock			<rpw3@rpw3.org>
627 26th Avenue			<URL:http://rpw3.org/>
San Mateo, CA 94403		(650)572-2607