Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why is it hard to offer directory creation?

What would be wrong with giving people a chrooted slice of noexec filesystem with a usage quota set, that they could manipulate as they pleased?



That would require more resources than is possible with a limited budget for the number of people the creators intended. And far more than is needed for hosting a site.

What you ask for is already possible for a few bucks a month with countless VPS hosts. This is free, remember?

Also, the OP isn't part of the NeoCities team. He's merely an advocate for it.


Don't just say it takes resources, give a plausible mechanism. I can't think of any way for subdirectories to take more load than normal files in one directory. Am I not being creative enough?


I have no idea how neocities is implemented, but my first thought as far as implementing something like that wouldn't be to give users actual filesystem access, but rather to put everything in an object store. Typically that'd be flat until you bolt on something to simulate a hierarchy.


If you're doing that you can allow object names to have "/" and get directory simulation for free.


That would require more resources on the server side than simply storing flat files in directories.


and way less effort to cluster or shard


Cluster, I can understand, but why shard?

I've run forums even on rickety DIY PHP + Postgres that's held up very nicely to several hundred logins and even more sessions per day on very modest hardware (1.5Ghz Core 2 duo, 2Gb memory).

It doesn't take a boatload of resources for a simple login and static content if it's just static content. Sites can be separated (or "sharded" if you like that term) on Nginx with very little effort for static content.

E.G. https://gist.github.com/perusio/2154289

There are more elegant solutions for that which still don't require blob objects.


Would there be any particular security problem with user accounts being system users, where logged in users perform as their user and non-logged-in users have a guest account?

Then make a noexec chroot which has just a /home for them all.

I'm not sure how you'd translate a http request with an authenticated session into a handler running as a particular user, but I don't doubt that it is possible with some fork(), setuid() arrangement.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: