web2py wsgibase is thread safe. The only functionality that is not is
web based testing.
The reason is that the doctest module is not thread safe but only
conflicts with itself.
web2py has the option of accessing folders by absolute paths (that is
the default on windowsce).
By default is does access all files as relative paths from the same
web2py working folder, where web2py is installed. web2py never
changes folder.
If you browse the source you may find some chdir(). They are not
actually supposed to change folder except in the case the user code
has a bug and the user code changed the folder. In this case web2py
chdir back to where it is supposed to be and logs the problem.
Massimo
web2py is thread safe but to answer your specific questions:
1)
web2py expects to run from web2py/
so that it finds gluon/ applications/ and deposit/ as subfolders.
It never chdir anywhere else. All web2py apps run from there. You
have the option to access all files via relative paths from its
working directory (the default on unix and windows) or via absolute
paths (the default on windows ce since windows ce does not understand
relative paths).
If you run apache with mod_proxy there is no issue.
If you run apache with mod_wsgi you have to install (or symlink)
web2py in the apache running folder.
I agree that if another apache app (not web2py) running in the same
context does a chdir, there may be trouble. In this case you need run
web2py with the windowsce option which requires commenting one line
in main. I will turn this option into a command line option to make
it easier.
2) web2py does not need to do chdir to work propery or, I agree with
you, it would not be thread safe, which it is.
At startup:
working_folder=os.getcwd() # once before creating threads
and it assumes working_folder never changes. For every thread:
try:
.... web2py never chdir ...
except ...
os.chdir(working_folder)
You can comment the latter line and everything works. The latter line
is there in case another app (not web2py's) that shares the same
context does chdir, which as you say is not supposed to happen. The
line is there to try recover and be able to log the issue.
Are you trying to tell me that I can run two mod_wsgi apps (for
example web2py and pylons) and if one of them does chdir, this affect
the other? Hope this is not the case or I will continue use mod_proxy
instead of mod_wsgi. Anyway, web2py will not do this and if another
app does, web2py will try to recover via the above mechanism.
Hope this answers your questions.
Massimo
web2py is absolutely thread safe if used with mod_proxy.
In this case you can also run multiple copies of web2py from
different folders using different ports.
web2py may not be thread safe with mod_wsgi because another app (not
web2py) can do chdir(). In fact I cannot prevent other apps running
in the same context from screwing up web2py. In fact it is more than
chdir(), they share the same memory segments! I would not want web2py
apps to run in this way. It is very unsafe.
Anyway, I hear you. In particular I think there is a value in being
able to specify a working folder as a command line argument and use
absolute paths everywhere. I will add this feature in the next
version. I will release a new version with this change next week.
Massimo
I will change what you say because you have one good point: I want to
able to specify the working folder when running with mod_wsgi and I
want to be able to run them from different folders.
The rest of your argument is almost semantic in nature. In fact if
two programs run in the same address space there is no limit to how
bad one can affect the other and there is no protection. This is not
limited to chdir. They all share environment variables, stdout,
stderr, stdin, memory etc. Forget web2py for a second. I can right
now write a pylons application that overwrite the ram memory of any
other pylons application running under mod_wsgi on the same system. I
teach how to do this stuff in my network programming and host
security classes.
If you run multiple programs in the same address space there is no
protection! The only protection is trust that the different
components have some good manners.
Back to web2py. It is designed so that in never chdir, it never
redirects stdout(*), stderr, or stdin. It never changes the values of
environment variables. It does not call python functions that are are
known to be thread unsafe(*) (*=except for doctest and it locks the
admin session when doing so to prevent concurrency). It also assumes
that other applications running in the same address space have the
same good manners. If they don't or if you are not sure, don't run
them with web2py.
What you said about apache running form "/" is not true. This is
against basic security rules since it opens the doors to the entire
filesystem from potential break-ins. Apache apps should run jailed
using chroot. You should chroot to the location where web2py is
installed when running web2py with Apache.
Reference: http://www.faqs.org/docs/securing/chap29sec254.html
Other frameworks may have problems with chroot.
Using mod_proxy of mod_rewrite provide the most separation because
web2py apps will run in its own address space. That is webfaction
runs most python web applications. That is how I suggest running
web2py, I yet have to see a performance penalty.
Massimo
I spend my last 2 hours doing what you suggested:
http://mdp.cti.depaul.edu/examples/static/web2py_src_v1.23b.zip
which requires some more testing. Not much changed in web2py
libraries but there were many changes in the admin interface to
access the proper paths.
Now I feel I wasted a lot of time since you are telling me that if I
run mod_wsgi in deamon mode I can set my own application folder and
that's all I wanted to do.
I am not a wsgi expert and what you said in this last email is very
valuable.
Perhaps I do not need version 1.23b anymore...
Massimo
would you write an howto mod_wsgi deamon mode on AlterEgo?
Massimo