httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thom May <t...@planetarytramp.net>
Subject Re: [Patch] Be more selective on includes
Date Thu, 21 Nov 2002 23:27:50 GMT
* André Malo (nd@perlig.de) wrote :
> * Thom May wrote:
> 
> > This is in response to a debian bug request; basically it just tightens up
> > the list of allowed characters, so we don't include .dotfiles and backups
> > etc.
> > Thoughts?
> 
> hmm. I don't like it. The most can easily be done with normal wildcard 
> matching. If your patch is applied and I have filenames (already), that 
> don't match the hardcoded (!) rules, I'm lost.
> 
OK, so Justin and I were just discussing this in the bar at apachecon, and
I explained the use-case I was interested in, and why I wanted this patch:
We have a directory tree containing vhosts:
/etc/apache2/sites-enabled
this contains file in this form:
samizdat.positive-internet.com
www.planetarytramp.net
www.example.org.uk
...

ie, the file name matches the ServerName entry. In this case, wildcard
matching is either too generic (Include sites-enabled/*), or not workable at
all(Include sites-enabled/*.com\nInclude sites-enabled/*.org etc etc).
Now, say we edit a file in this directory, and while we are doing so, 
apache gets restarted. most (unix) editors will leave a .name-of-file.swp 
or name-of-file~ in the
directory as a backup while you are editing the file, so at this point you
know have two semi-identical lumps of config loaded, one of which may be
broken, or missing config or whatever. This seems like an uber-bad thing.
So, I guess the second proposal would be to keep the behaviour my patch
proposes, but add a SafeInclude on/off directive (defaulting to Off) to
define whether you want the behaviour or not.
Cheers,
-Thom 

Mime
View raw message