httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@covalent.net
Subject Re: Deja vu
Date Sat, 06 Jan 2001 22:56:00 GMT

> > But, the only APR function we have that deals with the password database
> > in apr_home_directory.  We decided when we first hit this issue, that
> > we wouldn't create all the other functions until we needed them.  In the
> > long term though, yes you are correct that if the only access to the
> > password database is through APR, we could solve all the problems.  I have
> > a hard time believing we can rely on programmers to accept that though.
> > 
> > > Actually, after contemplation, I thought the deal was that although you
> > > could lock getpwnam (and anything else that might obviously collide) you
> > > may still get bitten by something less obvious that collides with
> > > something getpwnam calls. I don't really buy this argument, because the
> > > obvious counter is to use a _universal_ mutex for _all_ non-thread-safe
> > > stuff, then they can interact as much as they want, coz only one will be
> > > running in practice. Stuff that uses this without APR's assistance in
> > > Apache is just plain broken, and not to be worried about. IMO.
> > 
> > You are correct, this is just plain broken, but at what point are you sure
> > that you have all of the functions covered in APR?  Unless you really
> > investigate the C Run-time to find ALL of the interactions, there is a
> > good chance you will miss one or two.
> 
> In which case you were screwed anyway, surely?

Yep.  We are really saying the same thing I think.  If APR implements
wrappers around all of the password database accessor functions, then we
can protect the programmer, assuming they are willing to always use APR
functions.  If we don't put wrappers around them all, we can almost
garauntee that given time something will screw up.  I think what I want to
see, is a warning when compiling a threaded MPM on platforms without all
of the _r functions that the server may not work.  Then, I would put a
non-showstopper in the STATUS file, for both APR and Apache, that says the
warning can and should be removed when APR implements all of the password
database functions.

Ryan

_______________________________________________________________________________
Ryan Bloom                        	rbb@apache.org
406 29th St.
San Francisco, CA 94131
-------------------------------------------------------------------------------


Mime
View raw message