httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (David Robinson)
Subject Re: NCSA httpd again: CGI scripts and log file descriptors (fwd)
Date Fri, 05 May 1995 15:46:00 GMT
> > >So I forget - did we ever get around to deciding what to do about this?  
> > >Is this still in apache?
> > 
> > Yes we did, and yes it is. 8-(
> > I uploaded a patch, B85, which fixed the problem; enough people voted for
> > it to go into 0.6.3, but unfortunately it never made it into the 0.6.3
> > distribution.
> > 
> > I've uploaded a new version, B85-cloexec-2.txt, to hyperreal; this patch
> > also sets the close-on-exec flag on the Virtual Host transfer logs.
> > 
> As I remember, we decided not to do this since it *is* important to
> get real errors logged.

I don't remember this. But I was mistaken in thinking that B85 was voted
on -- it wasn't, and I don't know why.

To answer your implied question, B85 does not make any functional changes
to a well-behaved CGI script; scripts still have the error_log as their

> Would it be possible to add another "safer" panic-log to the CGI
> spec that would still get written out in this case?

Certainly. I'm not sure its needed, though.
IF the error_log were opened  O_APPEND, then I don't think a script could do
much damage.


View raw message