httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ed Korthof" ...@organic.com>
Subject Re: updated Agenda for 1.2b7
Date Sat, 08 Feb 1997 01:37:04 GMT
On Feb 7, 12:31am, Marc Slemko wrote:
> Subject: updated Agenda for 1.2b7
> As always, I have missed things.  Please send me any updates,
> even if you have sent them before and I ignored you.  <sigh>
>
>   * new header_parse API hook is called too often
>        Status: RobH posted patch, had second thoughts.  He
>        suggests that mod_browser be optimised by detecting if it has been
>        called already and returning early if it has.

I'm working on this one; I'd like to make a more generalized way that modules
can figure out if they've been called already for a given request.

>   * accept errors EPROTO and ECONNABORTED should not be logged
>        Status: no patch, ditto above, but will require ifdefs

See attached patch.  Should we ignore the same error codes for 'select' as
well?

>     * do we want a half-hearted attempt at fixing logfile opening security
>       holes?
> 	Status: Jim & Randy say no  How about check to be sure directory
> 		is owned by the user that started httpd and not group
> 		or world writable?

That check would be fine with me, so long as it was configurable (and well
documented; the server should probably die with an appropriate error message
(including how to turn this off) if the check fails).

>-- End of excerpt from Marc Slemko



-- 
     -- Ed Korthof        |  Web Server Engineer --
     -- ed@organic.com    |  Organic Online, Inc --
     -- (415) 278-5676    |  Fax: (415) 284-6891 --

Mime
View raw message