httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <>
Subject Re: [STATUS] Sat Apr 19 21:05:18 PDT 1997
Date Sun, 20 Apr 1997 16:29:06 GMT

> Agenda for 1.2b9-dev
> ====================
> Patches available:
>   * Roy's [PATCH] Handle timeouts in buffers as well as connection
>     <>
>     Status: Roy +1

+1  I've been running this for a couple of days now. It has greatly 
reduced the number of 'send body' messages in the error log. 
Timeout stuff is looking pretty good in my opinion.

>   * Ken's [PATCH] plug for mod_example memory leak
>     <>
>     [Isn't this effectively documentation and not subject to the voting
>     rules? -dean]


>   * 404 errors for server-parsed files not logged in error log
>     <Pine.LNX.3.95.970419204952.8165A-100000@aardvark.localnet>
>     Submitted by: John Van Essen <> and
>     turned into a patch by Paul Sutton.
>     Status: Paul +1, Dean +1


>   * Paul's Logging bad methods and URIs
>     <Pine.LNX.3.95.970419222007.8165B-100000@aardvark.localnet>
>     Status: Paul +1, Dean +1


>   * Dean's [PATCH] PR#375: MaxClients needs to be at least 1
>     <>
>     Status: Dean +1


>   * Dean's [PATCH] PR#344: 64-bit cleanups (take 2)
>     <>
>     Status: Dean +1 but hey, no hard feelings if this slips 1.2
> Should be done for 1.2:
>   * Listen and serialization problem should at least be documented,
>     perhaps solved.  See
>     <>
>     Possibly related PR#s: 361, 299, 256

Serialization of the server on FreeBSD 2.2 has _reduced_ the amount 
of swap growth mainly through reduction of processes. I do think 
that some children are getting buried by being left in a queue 
state that does not allow them to accept.

>   * suexec has lots of open PRs:
>     PR#269, 319, 395: suexec and SSI problems
>     PR#367, 368, 354: SEGV caused by suexec
>     PR#341: documentation error?  user confusion?
>     PR#339: suexec doesn't work with QUERY_STRINGs
>     Maybe we should say suexec is experimental...

As Ken pointed out, we would get hammered about this regardless. 
I'll try to look at some of these issues today. The behavior is 
mainly intened with exception of the SEGVs which I don't see. We 
really need to talk about how we expect some of this to work before 
moving ahead to fix it. Some of these things are just limitations 
to preserve some level of security.

WRT problems noted about ~user execution, I have never used this 
feature in a production environment, so some other experiences 
would be welcome.

>   * SEGV under FreeBSD with lingering_close [and proxy?]
> 	Randy hasn't seen any coredumps in the last 24 hours.

Still no problems in this area.

>   * PR#373: timeout problems introduced between 1.2b7 and 1.2b8

I think these are resolved by some of Roy's recent work.

>   * some better suexec docs would be really nice, detailing some of the
>     security risks and compromises discussed
> 	Status: I think Randy said something about doing it at one point.
> 		Randy says he thinks Jason is perhaps doing them.
>                 [And Roy says: either somebody needs to document how it
>                  works (I don't know), or I'll go through and remove the
>                  documentation about how "good" it is to use it.]
> 	New Status: not really worth holding 1.2 on

2 points...

1. No sense writing docs until we finallize some of the last few 

2. I wrote the first pass on the docs, so I would welcome feedback 
as to what needs to change.

View raw message