httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Stein <>
Subject Re: [PATCH] security - run mod_cgid's daemon under same user as Apache
Date Thu, 08 Jun 2000 00:28:10 GMT
On Wed, Jun 07, 2000 at 04:47:02PM -0400, Dale Ghent wrote:
> In leu of /tmp, I suppose the next place for the socket would be
> $SERVER_ROOT/logs, but with already in there, $SERVER_ROOT/logs
> is already turning into something other than a place just to stash access
> and error logs.

IMO, we ought to create $SERVER_ROOT/var/ and put the logs/ subdir under
that. Under var/, we could have areas with the right permissions, owners,
and whatnot.

For the DAV stuff, Apache will need a place to keep the "lock database."
Basically, a DBM file that it will read/write during operation of the
server. Those operations are done from the main process, so the DB needs to
be read/write by the Apache user/group.


Greg Stein,

View raw message