[OT] Deciding about On-Rev

George C Brackett gbrackett at luceatlux.com
Tue Apr 21 10:46:59 EDT 2009

Phil's answer is a very good one; I'd like to expand on it a bit.

When you log in to a server via SSH, you have command-line access to  
it, meaning that in essence you are sitting in front of it running the  
equivalent of Terminal on the Mac or Run on Windows (I think that's  
right).  Many things that I normally do using SSH can be done via  
WebDAV or even in an FTP client, in particular copying, moving,  
renaming, deleting and changing the permissions or owners of files.  I  
would feel hampered, however, by the inability to execute shell  
scripts directly (they could be executed indirectly using Rev shell  
scripting in a web page thoug) and to use the full panoply of unix  
commands to manage my site(s).  The speed of operations is also  
usually much greater, since very little communication is involved and  
repetitive actions, like deleting a directory full of sub-directories,  
are virtually instantaneous.

That power comes with considerable risk, however, and the risk greatly  
increases when you are able to assume, temporarily or permanently, the  
power of the 'root' user, who can do ANYTHING. (To become the 'root'  
user temporarily, one prefaces commands with 'sudo', meaning Switch  
User to DO as root, more or less.) I have that power on my own Macbook  
Pro machine, and I'm accustomed to it.  But I can certainly understand  
when a host decides to limit root access, use of sudo, or even SSH: it  
greatly decreases the possibility that one user's mistake -- or  
malevolence -- will bring about disaster.

Some hosts, such as the one I use, offer virtual hosting environments,  
where the user's space is segregated by some clever programming from  
everyone else's, so the user is in effect using a completely separate  
server.  In those environments, root access or limited sudo use can be  
provided, with the caveat that the user had better be knowledgeable  
and careful if she wants to keep from destroying everything.  (As an  
example, a root user typing "rm -rf /" on the command line and  
pressing return will delete the entire operating system and all  
data.)  An even greater power comes with the leasing of an actual  
server computer maintained by the host: in this situation, you have  
the same power you would have if the server was located in your  
basement.  So, if you need more power and access, there are ways to  
get it, but you and the host have to assume substantial additional  
responsibility and risk.  For many and probably most website owners/ 
developers, a more limited environment such as On-Revs is perfectly  

I hope this makes my interest in SSH and root/sudo more clear!


On Apr 21, 2009, at 1:16 AM, Phil Davis wrote:

Colin Holgate wrote:
> What does SSH give you that you don't get with the secure disk image  
> access?

Hi Colin,

I assume when you say "secure disk image access" you're talking about  
WebDAV, which is what on-rev offers.

In a nutshell:
- SSH gives you the ability to execute any line command known to the  
server. You have a user account on the server and can log into it and  
do whatever you know how to do via the command line, including the  
setting of server properties, the running of scripts, etc.

- WebDAV lets you mount a server-side folder on your computer as  
though it were an external HD, and you can use it like one (except  
upload/download speeds are are subject to your internet connection  
speed, unlike an external HD!). So WebDAV's functionality is limited  
to file services, but you have a GUI for it.

I wish on-rev had SSH. However, its absence is partially compensated  
for by the power of Rev code in irev pages, if indeed the server  
version of Rev will give us abilities like those of the desktop  
versions to sense and control similar kinds of things.
Phil Davis

PDS Labs
Professional Software Development

use-revolution mailing list
use-revolution at lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your  
subscription preferences:

More information about the use-livecode mailing list