Session ID & Security

[Paul Rubin]

- c o v e n t r y - <coventry at removethisandallhyphens-o-n-e.net> writes:
> http://web.systhug.com/kernel-lock/ - for linux atomic file locking.
> 
> of course, wether your system is mulitprocess or multithreaded will vary
>   the lock - a python multithreaded application can perform all locking
> internally.  multiprocess requires external locking, such as the file
> locking provided above in linux kernels and filesystems.  Note that
> _how_  you store and lcok your data can play a big part in how the lock
> affects performance.  a single, big lock on a single file containing all
> session data will not scale.  I use individual files per session in my
> projects, and lock individually - thus only simultaneous requests from
> the same session can block each other - which is normally acceptable.

Thanks, that's kind of interesting, but because of the issues you
mention and because of the file system overhead (even if it's a ram
disk), I still think shared memory is the best mechanism by far.

 http://gigue.peabody.jhu.edu/~mdboom/omi/source/shm_source/shm.html

is a Python interface to the shm system call that does everything
required.  Alternatively a semaphore operation (basically a call to an
atomic test-and-set instruction) could be added to the existing mmap
module, and you'd simply map a shared file into memory.

For more flexibility, it might be interesting to use MPI for all this
stuff.  Run your web server on a Beowulf cluster!