httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@organic.com>
Subject Re: arctic.patch
Date Fri, 27 Mar 1998 06:43:21 GMT
At 09:50 PM 3/25/98 -0800, Dean Gaudet wrote:
>Hey I keep saying I'm always running HEAD... but the truth is I've always
>got a few mods.  Is there anything here that folks think I should clean up
>and commit?  This contains: 
>
>- the -p command line switch so that you can pass pre-opened sockets to
>the server (so it doesn't need to run as root at all)
>
>- listenwrap, which can be setuid root and spawn the server with a -p
>option

Making this available in /contrib for 1.3.0 and integrated into 1.3.1
sounds great to me.

>- SymLinksIfGroupMatch, which I find absolutely necessary for systems that
>have groups maintaining a web site... although I've stopped using it in
>favour of mod_allowdev. 

I've never understood the "security" of SymLinksIfOwnerMatch.  If the
target of a symlink was viewable by the web server, it's probably also
viewable by Joe Malicious User, who could just copy the file into their own
tree.  

>- gif89-expires-hack

Definitely good for contrib

>- some extra debugging log messages

Never hurts.

>- the piped log child is spawned in its own process group, chdir()d to
>server_root... this is so that you can use server_root relative paths in
>the piped log command

Seems like this would be a good thing.

	Brian


--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
specialization is for insects				  brian@organic.com

Mime
View raw message