httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Sutton <>
Subject Re: apachen Configure
Date Mon, 11 Aug 1997 09:49:04 GMT
Jim Jagielski wrote:
> Anyone else a bit nervous about the format in apachen that all
> lines between ConfigStart and ConfigEnd are implicitely trusted?
> After all, these are run by and as the person running Configure
> and are not limited to Configure-type stuff...??

Yes, it us a bit worrying but I cannot think of any other way of giving
module authors the generic ability to set the configuration they require. 
My original plan was to get allow the setting of variables but the
configuration of mod_status and mod_auth_{dbm,db} all require a
conditional. I would liked to have come up with a syntax which allowed
this without giving the commands direct to the shell, but this would be
complex to write.

Other than that, I would have liked to be able to display the shell
commands which a question:

  mod_status wants to execute these commands via the shell:
    if [ "$RULE_STATUS" = "yes" ]; then

then let the server admin decide if it is safe or not. But Configure is
designed to be questionless so this isn't possible (at the moment). 

But of course people are already running Configure itself and apparently
trusting it (like they trust perl's configure and so on). There is plenty
of scope for hiding nastiness inside Configure or the helper scripts. So
is trusting additional module really any more insecure? 


View raw message