httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: configfile_t.param
Date Wed, 03 Jun 1998 17:20:31 GMT
Dean Gaudet wrote:
> 
> On Tue, 2 Jun 1998, Lou Langholtz wrote:
> 
> > Dean Gaudet wrote:
> >
> > > On Mon, 1 Jun 1998, Lou Langholtz wrote:
> > >
> > > > It seems like we're loosing something here that we dont want to lose
> > > > though. With all the hiding we should at least leave behind some
> > > > method pointers with which we can get info on the configuration
> > > > "objects" such as their type, and owner.
> > >
> > > Owner makes no sense in many contexts.
> >
> > That doesn't have to be the case. I think we should take a more empowering
> > direction with directory based config "objects" and strengthen there tie to
> > ACL info in whatever underlying form we can get it.
> 
> No, you are missing the point.  ANY module can generate commands IN ANY
> WAY IT CHOOSES.  It need only fill in the configfile_t structure and call
> srm_command_loop.  mod_perl does this.  It allows folks to generate config
> files as the output of a perl script.  There is no concept of owner here.
> The commands can come from a database, they can come from a file, they
> can come from anywhere.  There is not necessarily a concept of owner,
> ACL, or anything to tie it to.

I've been musing over this one, and it seems to me that the correct
answer will be of the Java sandbox/Perl tainting variety. But that may
be rather more than we want to bite off here. Perhaps something to
consider for 2.0?

Perhaps because of Apache-SSL, and my other work in security, I find I
am increasingly interested in this kind of question.

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686| Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org/
and Technical Director|Email: ben@algroup.co.uk |
A.L. Digital Ltd,     |Apache-SSL author     http://www.apache-ssl.org/
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache/

WE'RE RECRUITING! http://www.aldigital.co.uk/recruit/

Mime
View raw message