The truth is that there is not much that one server can do that the other cannot. I.e. there is probably no need to distinguish between the two. It would probably be easier to use a single user (e.g. www-data in Ubuntu) and handle all the security intricacies with that single user. It would simplify both the KonText source code and the server administration.
And as a bonus, we would most likely avoid the rare (but long term) permission denied error between web and worker.
The truth is that there is not much that one server can do that the other cannot. I.e. there is probably no need to distinguish between the two. It would probably be easier to use a single user (e.g.
www-data
in Ubuntu) and handle all the security intricacies with that single user. It would simplify both the KonText source code and the server administration.And as a bonus, we would most likely avoid the rare (but long term) permission denied error between web and worker.