httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 47021] New: A new MPM (security) and mod_selinux module
Date Tue, 14 Apr 2009 08:31:15 GMT

           Summary: A new MPM (security) and mod_selinux module
           Product: Apache httpd-2
           Version: 2.3-HEAD
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Core

We intend to execute web-applications under the restrictive privileges
(necessary minimum, if possible) to prevent system resources are unexpectedly
accessed using buggy web-applications.

The new MPM (security) spawns a one-time process for each connection, and it
gives third-party modules a chance to assign individual privileges prior to
invocation of content handlers.

The existing MPM reuses a process or thread to handle multiple requests more
than once. It gives us benefit from the perspective of performance, but it also
gives us a headache issue. Some of enhanced security mechanism (such as
SELinux) does not allow processes to revert its privileges, even if it is
dynamically changed, so it means we cannot reuse a process which already
handled a request at least.

The mod_selinux is a proof of concept. It assigns individual security context
(privileges in SELinux) based on the result of http-authentication, prior to
the invocation of web-application but after the authentication.

The MPM is implemented based on the prefork with a bit of hacks.

- httpd-mpm_security-copied.090414.patch
  It is just a copy from prefork/ to security/.
- httpd-mpm_security-modified.090414.patch
  It is a differences from the original prefork.
- httpd-mod_selinux.090414.patch
  It is the implementation of mod_selinux module

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message