GWAN webserver allowing dynamic pages in D

SomeDude lovelydear at mailmetrash.com
Sun Jul 1 08:54:58 PDT 2012 

On Sunday, 1 July 2012 at 11:22:53 UTC, Dmitry Olshansky wrote:
> On 01-Jul-12 12:29, SomeDude wrote:
>> On Sunday, 1 July 2012 at 08:04:48 UTC, SomeDude wrote:
>>>
>>> OTOH, it seems to me that a web server that relies on C for 
>>> everything
>>> **is** very strongly subject to security issues.
>
> Yes, it's one things I don't like about it - apparently GWAN 
> would crash the moment your C servlet segfaults. Ah, the 
> pleasure of native scripts ;)
>
> The code that
>>> generates pages must be absolutely bug free before being put 
>>> in
>>> production, which is hard with C for anything that is not 
>>> trivial.
>>
> Use D! :) Or any other language, I see a list of supported 
> native languages in its docs.

What I meant was, the author of G-WAN boasts high performance 
because his servlets are in C. But making a dynamic website in C 
is very both unproductive and very risky, security wise, so very 
few companies would do that unless for delivering static pages. 
And if you use another language, then the performance drops and I 
suppose you get performance closer to nginx and lighthttpd (with 
D and C++, less than with some other languages).

> The fact that most production libraries (that are portable) are 
> written in C largely defeats the point of
> "... must be absolutely bug free before being put in 
> production, which is hard with C for anything that is not 
> trivial. "
>
> Also web server need NOT be absolutely bug free. It just 
> shouldn't CRASH. So memory corruption is no go, logic errors 
> and such are possible. Software always has bugs, there is no 
> such thing as "bug-free" for anything not trivial. It's just 
> they are not important or hard to trigger + "lack of feature" 
> bugs.
>

As you say, memory corruption is a no go, so I would probably 
never use C for a serious website.

> BTW PHP is a hell of a bug (not counting bugs in scripts) yet 
> it's out in the open serving most of web sites today.

Yes but PHP doesn't suffer too many memory corruption bugs, so 
there is no risk of shell code injection.

More information about the Digitalmars-d mailing list