httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: SDBM 2.0 'namespace protection'
Date Wed, 29 Nov 2000 19:06:24 GMT

> We namespace protect everything that might be visible, whether it is
> intended for use by other modules or not. Since the stuff goes into the same
> process space as other, arbitrary code, we need to protect it (and protect
> others from it).

Ummmm.....  Expat and PCRE haven't been namespace protected.  I personally
believe they should, but they aren't now.

> > I'd like to see SDBM go back to a (relatively) pure and
> > original implementation, and have our wrapper add any namespace
> > protection and other features (pools, etc.)
> I scrounged a copy from somewhere, integrated fixes from Perl, swapped fixes
> with Ralf (he uses it in mod_ssl), brought the code up to ANSI standards
> (you wouldn't believe some of the crap that was in there), and then APR-ized
> it when it went into Apache 2.0 (to get portable file mgmt, portable file
> locking, and the protection of pools for allocation).
> I don't see any purpose served by losing any of those mods.

The reason for losing those mods, is that pools are the wrong solution, as
is, I believe APR.  APR would be the correct solution if it wasn't tied to
pools, but it is.


Ryan Bloom               
406 29th St.
San Francisco, CA 94131

View raw message