gump-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Pepper <pep...@reppep.com>
Subject Re: gump.apache.org (on moof?)
Date Wed, 12 Nov 2003 15:30:42 GMT
At 1:18 AM -0500 2003/11/12, Sam Ruby wrote:
>Chris Pepper wrote:
>>At 2:21 PM +0100 2003/11/08, Stefano Mazzocchi wrote:
>>
>>>On 7 Nov 2003, at 21:11, Sam Ruby wrote:
>>
>>>>It is worth noting that gump will run a number of tests, so from 
>>>>time to time you will find projects have tests that use well 
>>>>known ports (like 8080).
>>>
>>>ouch. we plan to be running servlets on moof, that's for sure and 
>>>8080 is very likely to be already used on that machine (even if we 
>>>can install the servlet engine in some other port, since it's 
>>>going to be proxypassed anyway)
>>
>>     This shouldn't be too bad -- the built-in ipfw is quite capable 
>>of blocking 8080; just make sure there's already a listener on any 
>>open ports before starting gump, and attempts to listen on such 
>>ports (by gump processes) should generate an error rather than a 
>>security hole. Not that I've tested this theory...
>>
>>     "sudo ipfw list".
>
>Generating an error would result in a test failing which would 
>result in emails sent to developers indicating that there is a bug 
>which needs to be addressed... in general, this is not the desired 
>behavior.

	Sure. I figured a 'real' version of Apache would run on port 
80, and 8080 would be blocked by ipfw, so it wouldn't matter if a 
gump program started listening on 8080, as it would be blocked.

	My point about errors is that you wouldn't want to leave port 
8080 open with no listener running when gump starts, as then a gump 
program might come up and listen on that (unblocked) port without 
admin knowledge or oversight.

	Hope that's slightly clearer.


						Chris
-- 
Chris Pepper:               <http://www.reppep.com/~pepper/>
Rockefeller University:     <http://www.rockefeller.edu/>

Mime
View raw message