TUX web server: Difference between revisions
imported>Joshua David Williams |
imported>Eric M Gearhart (Reworded to clarify: the option is there to build TUX in, you don't have to though) |
||
Line 14: | Line 14: | ||
==Controversy over Security== | ==Controversy over Security== | ||
Linux [[hacker|kernel hackers]] argued that having a [[daemon]], which by design is directly accessible from the [[Internet]] (as a web server would have to be), built directly into the kernel is very dangerous. A common bug such as a [[buffer overflow]] within TUX could give an attacker full remote [[superuser]] control over a machine. They argue that it is much safer to keep such daemons entirely within [[userspace]], where a bug does not necessarily give an attacker total control. However, some Linux distributions, such as Fedora, have added TUX | Linux [[hacker|kernel hackers]] argued that having a [[daemon]], which by design is directly accessible from the [[Internet]] (as a web server would have to be), built directly into the kernel is very dangerous. A common bug such as a [[buffer overflow]] within TUX could give an attacker full remote [[superuser]] control over a machine. They argue that it is much safer to keep such daemons entirely within [[userspace]], where a bug does not necessarily give an attacker total control. However, some Linux distributions, such as Fedora, have added the option to compile TUX into 2.6 kernels. | ||
==Related Topics== | ==Related Topics== |
Revision as of 14:19, 21 April 2007
The TUX web server is a World Wide Web server that can be run partially inside the Linux kernel as a module to provide the highest performance possible. Its name is derived from the Linux penguin mascot, Tux. It was originally contributed to the Linux kernel project by kernel hacker Ingo Molnar.[1]
Development and Limitations
Out of the box, it is currently limited to serving only static pages, meaning that it can't serve pages that were dynamically created using web scripting languages such as PHP or Perl. However, additional modules can be used to work with dynamic scripting languages, similarly to the way Apache uses the PHP module, except TUX does not contain any CGI functionality out of the box. These modules can be run from either the userspace or from other kernel modules.
TUX has never been an integrated part of the official Linux kernel, although it has been shipped in some Linux distributions, notably Red Hat, SuSE and Fedora.
It served as a testbed for many features which were integrated separately, including the Native POSIX Thread Library. With the right tuning parameters, the library allows web servers to serve pages at a speed very close to that of a kernelspace web server such as TUX but without its limitations.
Controversy over Security
Linux kernel hackers argued that having a daemon, which by design is directly accessible from the Internet (as a web server would have to be), built directly into the kernel is very dangerous. A common bug such as a buffer overflow within TUX could give an attacker full remote superuser control over a machine. They argue that it is much safer to keep such daemons entirely within userspace, where a bug does not necessarily give an attacker total control. However, some Linux distributions, such as Fedora, have added the option to compile TUX into 2.6 kernels.
Related Topics
- Apache Web Server, another web server that runs completely outside of a kernel
- The Linux kernel article, for a general overview of the Linux kernel and architecture
Further Reading
citi-tr-00-8.pdf "The TUX web server: An analysis." Provides an architectural overview of TUX, discusses modifications included in the patch, and how TUX affects kernel operating and performance
ps-redha.pdf "Running TUX Web Server for Linux on Dell Servers." Describes the development process that culminated the release of TUX 2.0.