httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James H. Cloos Jr." <cl...@jhcloos.com>
Subject Re: Corporate America and Apache
Date Thu, 25 Apr 1996 09:38:27 GMT
sameer> Two processes can't grab the same address.port, but one
sameer> process can grab *.port and another can grab address.port. The
sameer> one that grabs address.port *should* have precedence. I
sameer> haven't heard of any kernels for which this isn't the case,
sameer> but maybe this behavior is "fixed" in linux because it is a
sameer> "security hole".

I beleive Aram runs 1.2.13 (yes?) in which case the security hole is
not (yet) fixed.  The hole was plugged when Linus was here in the
States, ca 1.3.80 I think.  From that point, you cannot bind to
address.port if *.port is already bound.  In older kernels, you can
bind address.port over *.port with address.port taking precedence.

Note that Apache only ever bind to address.port due to a BindAddress
directive.  ServerName directives, whether in <VH> sections or not, do
not currently bind to address.port.  (This is something I'd like to
see, combined with a pool of children per VH, so that User and Group
directives can go in <VH> sections.)

-JimC
-- 
James H. Cloos, Jr.	<URL:http://www.jhcloos.com/~cloos/>
cloos@jhcloos.com	Work: cloos@io.com
LPF,Usenix,SAGE,ISOC,ACLU

Mime
View raw message