Return-Path: 
 <dev-return-5055-apmail-community-dev-archive=community.apache.org@community.apache.org>
X-Original-To: apmail-community-dev-archive@minotaur.apache.org
Delivered-To: apmail-community-dev-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 432AB18C97
	for <apmail-community-dev-archive@minotaur.apache.org>;
 Sun,  2 Aug 2015 19:34:31 +0000 (UTC)
Received: (qmail 31742 invoked by uid 500); 2 Aug 2015 19:34:31 -0000
Delivered-To: apmail-community-dev-archive@community.apache.org
Received: (qmail 31441 invoked by uid 500); 2 Aug 2015 19:34:30 -0000
Mailing-List: contact dev-help@community.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@community.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@community.apache.org>
List-Post: <mailto:dev@community.apache.org>
List-Id: <dev.community.apache.org>
Reply-To: dev@community.apache.org
Delivered-To: mailing list dev@community.apache.org
Received: (qmail 31429 invoked by uid 99); 2 Aug 2015 19:34:30 -0000
Received: from Unknown (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 02 Aug 2015 19:34:30 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org)
 with ESMTP id 2910C197EE7
	for <dev@community.apache.org>; Sun,  2 Aug 2015 19:34:30 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 1.791
X-Spam-Level: *
X-Spam-Status: No, score=1.791 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	HTML_MESSAGE=3, RCVD_IN_MSPIKE_H2=-1.108, SPF_PASS=-0.001]
	autolearn=disabled
Authentication-Results: spamd3-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-us-east.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new,
 port 10024)
	with ESMTP id ck1_t5WaOc-B for <dev@community.apache.org>;
	Sun,  2 Aug 2015 19:34:29 +0000 (UTC)
Received: from mail-qg0-f42.google.com (mail-qg0-f42.google.com
 [209.85.192.42])
	by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with
 ESMTPS id 0AF7C43CCD
	for <dev@community.apache.org>; Sun,  2 Aug 2015 19:34:29 +0000 (UTC)
Received: by qgeu79 with SMTP id u79so76999323qge.1
        for <dev@community.apache.org>; Sun, 02 Aug 2015 12:34:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=LLt812ucI3ghuk8ZcDUw5DB+a2Mep+pBoALsotLf6n8=;
        b=BritEPK664SPZgcCThI9zTO42D1N+oY2vuhMNauKzJEy/BjSxljrY5mTsCAPl/rUjd
         Vp7ha96uJjNCePu6qA+Bu0ydfIq5Lsnb94NdFsB61uUEJUf8iScqmiIefdTJmvAQ5HxX
         Mfyw80OikVj7BYgK8HEzbC0Sfuz5TwZadV9/ZPialgaDWtEIqDve44m8+0ypV1ucIwbz
         6NJlWneXEE7L7JRCUz36QQ4sDmQfRUd7Y44b50mDVED6PEv4RhTeN0TqMbQKEe/zI615
         grXN+phzSugks6ehK+SgmDPTU9xfbLIkmdIZYf1pMK7BVvwHsieVq17+1wSs/dFv4e3/
         uExA==
MIME-Version: 1.0
X-Received: by 10.140.92.41 with SMTP id a38mr20215568qge.30.1438544062611;
 Sun, 02 Aug 2015 12:34:22 -0700 (PDT)
Received: by 10.96.141.46 with HTTP; Sun, 2 Aug 2015 12:34:22 -0700 (PDT)
In-Reply-To: 
 <CAK+0W2HKTXS1czdvSxCOaAdbhk2tf2BY3a6FtMYxuuCRcD+a9w@mail.gmail.com>
References: 
 <CAK+0W2HKTXS1czdvSxCOaAdbhk2tf2BY3a6FtMYxuuCRcD+a9w@mail.gmail.com>
Date: Sun, 2 Aug 2015 16:34:22 -0300
Message-ID: 
 <CAE_88GZjPMoyc6DsK0DdzVpoZpheZNt-5JEvXwyBJmkBQM9iFw@mail.gmail.com>
Subject: Re: Apache virtual host security
From: "Thiago H. de Paula Figueiredo" <thiagohp@gmail.com>
To: "dev@community.apache.org" <dev@community.apache.org>
Content-Type: multipart/alternative; boundary=001a1139b3e8d888e6051c5923b7

--001a1139b3e8d888e6051c5923b7
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hi!

This is the Apache Software Foundation community mailing list. The Apache
HTTPD Server (most known as just Apache) users mailing list is described in
https://httpd.apache.org/userslist.html, and that's where you'll probably
get answers.

On Sun, Aug 2, 2015 at 3:46 PM, M=C3=A1rk M=C3=B3dly <mm.szerver@gmail.com>=
 wrote:

> Hi,
>
> I am pretty new to apache mod development so please be gentle with me.
> English is not my native language either so in andvance sorry for my
> mistakes.
>
> A few weeks ago I ran into the problem that virtual host are not that
> separated, as I thought. The most common problem is that the different
> virtualhosts are not chrotted, so I checked some workarounds, but so far =
I
> did not really found a good solution. Today came the idea to me, that I
> would really try to DO something for this community First of all are my
> informations up-to date that this problem is not solved? (Separating
> virtual hosts, [source problem: one VH could reach other files, than the
> config alloved].)
> If I am right and it is still an issue, my idea is the folloving:
> Create an apache file handler and, if the file, that the subprocess would
> like to reach is out of the "range" it will return with a file handler
> error.
>
> I wonder if it is possible, or what the opinion is about this idea.
>
> Thanks in advice:
> mark
>



--=20
Thiago

--001a1139b3e8d888e6051c5923b7--