Return-Path: 
 <dev-return-20751-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 91715 invoked by uid 500); 13 Sep 2001 02:37:16 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
list-post: <mailto:dev@httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 91651 invoked from network); 13 Sep 2001 02:37:15 -0000
X-Authentication-Warning: c1619481-a.almda1.sfba.home.com: iyh set sender to
 IanH@cnet.com using -f
Subject: Re: another map_to_storage gotcha.
From: Ian Holsman <IanH@cnet.com>
To: dev@httpd.apache.org
Cc: rbb@covalent.net
In-Reply-To: <061f01c13bfa$fca30750$94c0b0d0@roweclan.net>
References: <1000334899.7248.215.camel@c1619481-a.almda1.sfba.home.com>
	<20010912225023.E922246DFC@koj.rkbloom.net> <3B9FF465.6050605@cnet.com>
	<061f01c13bfa$fca30750$94c0b0d0@roweclan.net>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Evolution/0.13.99+cvs.2001.09.11.21.26 (Preview Release)
Date: 12 Sep 2001 19:40:23 -0700
Message-Id: <1000348823.7250.239.camel@c1619481-a.almda1.sfba.home.com>
Mime-Version: 1.0
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

On Wed, 2001-09-12 at 19:22, William A. Rowe, Jr. wrote:
> From: "Ian Holsman" <ianh@cnet.com>
> Sent: Wednesday, September 12, 2001 6:48 PM
> 
> 
> > Ryan Bloom wrote:
> > 
> > > On Wednesday 12 September 2001 03:48 pm, Ian Holsman wrote:
> > > 
> > >>one of the guys over here stumbled over a map_to_storage gotcha/bug.
> > >>
> > >>the problem is that in the default httpd.conf file the 'Options' is
> > >>in a 'Directory'. Now if the page is not served from the file system
> > >>mod_jk/mod_proxy then the 'Options' directory config is not run.
> > >>(and the default option was set to 'ALL')
> > >>
> > >>the change should be something like this perhaps (haven't checked it for
> > >>validity)
> > >>or at least change the 'Options' to be in a <Location /> tag
> > >>
> > > 
> > > Changing this in the config is the wrong solution IMHO.  We need to fix the
> > > logic to not break in situations that used to work.  I would prefer to fix the
> > > problem in the code, than to band-aid it and have to suffer with the user
> > > complaints later.
> > 
> > 
> > true. It needs to be fixed in the code as well.
> > 
> > but should this stuff be on a physical location (directory) or a logical location
> > (location).
> 
> Guys, forget I committed anything.
> 
> If you are so narrow-focused that we aren't ready to deal with non-filesystem
> Options v.s. Root/htdocs Options, then let's revert the entire set of patches.
> 
um.. no 
I like the map_to_storage.
It will increase performance significantly for us, and will make our
design easier for our custom modules.

I keep on pointing out problems with map_to_storage because I keep on
running into them when I am handling reverse proxying (a major component
in our web design)
I am in no way suggesting to remove this hook.

> The behavior you observe is neither a bug nor a misconfiguration.  Global Options
> should have (always) been set on <Location />.  Filesystem Global Options should
> have (always) have been set on <Directory /> (at least since the patch for win32
> and relatives to allow even d:/ to be affected by Directory "/").

the problem is that in the standard httpd-std.conf the configuration is
done in @@Serveroot@@/htdoc directory instead of Location "/"
the way the current configuration 'out of the box' would not work
properly for people serving pages off non-filebased systems.

What I am suggesting is to move some of these configurations to
<Location /> where they belong.

(BTW.. there are NO '<location>' directives installed in the
httpd-std.conf)

> 
> IMHO - this increases security - significantly.  What on earth are the two of
> you proposing.  When you speak of a 'code' fix, I'm near certain I smell a veto 
> (in favor of reverting all filesystem abstraction to date) and drop all further 
> efforts on dir_walk and file_walk as well.

the code 'fix' I am proposing (if any) is to change the 'Options' to
default to 'OPT_NONE' instead of 'OPT_ALL'. (which is what it currently
does)

> 
> Bill
-- 
Ian Holsman
Performance Measurement & Analysis
CNET Networks    -    415 364-8608