Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 8DD52200C3A for ; Fri, 31 Mar 2017 20:59:00 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 8C80B160B80; Fri, 31 Mar 2017 18:59:00 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id D2699160B7C for ; Fri, 31 Mar 2017 20:58:59 +0200 (CEST) Received: (qmail 87786 invoked by uid 500); 31 Mar 2017 18:58:59 -0000 Mailing-List: contact bugs-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: Reply-To: "Apache HTTPD Bugs Notification List" List-Id: Delivered-To: mailing list bugs@httpd.apache.org Received: (qmail 87777 invoked by uid 99); 31 Mar 2017 18:58:59 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 31 Mar 2017 18:58:58 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id A161E1A088C for ; Fri, 31 Mar 2017 18:58:58 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.002 X-Spam-Level: X-Spam-Status: No, score=-0.002 tagged_above=-999 required=6.31 tests=[RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id mbOj4drrnY1r for ; Fri, 31 Mar 2017 18:58:58 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id B91565FC76 for ; Fri, 31 Mar 2017 18:58:57 +0000 (UTC) Received: from asf-bz1-us-mid.priv.apache.org (nat1-us-mid.apache.org [23.253.172.122]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTPS id 60DFAE062D for ; Fri, 31 Mar 2017 18:58:57 +0000 (UTC) Received: by asf-bz1-us-mid.priv.apache.org (ASF Mail Server at asf-bz1-us-mid.priv.apache.org, from userid 33) id 54660606F4; Fri, 31 Mar 2017 18:58:56 +0000 (UTC) From: bugzilla@apache.org To: bugs@httpd.apache.org Subject: [Bug 60946] "Require not env" generates error Date: Fri, 31 Mar 2017 18:58:55 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Apache httpd-2 X-Bugzilla-Component: mod_authz_host X-Bugzilla-Version: 2.4.25 X-Bugzilla-Keywords: X-Bugzilla-Severity: normal X-Bugzilla-Who: jchampion@apache.org X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: bugs@httpd.apache.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bz.apache.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 archived-at: Fri, 31 Mar 2017 18:59:00 -0000 https://bz.apache.org/bugzilla/show_bug.cgi?id=3D60946 --- Comment #6 from Jacob Champion --- (In reply to Philip Prindeville from comment #5) > (In reply to Jacob Champion from comment #4) >=20 > > > > Does part of the confusion stem from the fact that we are = by > > default instead of ? Switching that alone might make some t= hings > > more intuitive. > > >=20 > Except that when one things of traditional mandatory access controls like > ACLs and such, you execute the rules until you get your first conclusive > match... which is what does. While that might be true -- and I'm not convinced that's an accurate description of all MAC systems -- we're not using an ACL (or a MAC) authorization system here. It's a very flexible (perhaps too flexible), multi-paradigm system, and I would argue that you're just as likely to see role-based authz with some of the more advanced authorization modules. Perhaps the best thing to agree on is that any behavior might be "astonishi= ng" to some, and we should try to do what is least astonishing to the widest possible range of users. Anyway: there's a good chance that this is neither here nor there. Maybe al= l we need to do is review what directives are considered neutral/success/failure= in the authz system. --=20 You are receiving this mail because: You are the assignee for the bug.= --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org For additional commands, e-mail: bugs-help@httpd.apache.org