httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <>
Subject Re: [PATCH] resend: fix fd leaks
Date Tue, 18 Mar 2003 09:25:04 GMT
On Mon, Mar 17, 2003 at 11:56:11PM -0600, William Rowe wrote:
> At 04:46 AM 3/13/2003, Joe Orton wrote:
> >[Resend.  There are currently two outstanding fixes for public security
> >issues in the 2.0 stable branch: this and escaping of untrusted request
> >data in mod_log_config which Andre forward-ported from 1.3]
> >
> >Hi, here is a version of the patch in #17206 which removes the current
> >the fd leaks.  Most of these were introduced in this commit
> >
> >
> >
> >though the pod leak has been around longer. I haven't checked whether
> >the mod_file_cache change in that commit should be reverted as well. The
> >patch is against 2.0 HEAD.
> >
> >Submitted by: Christian Kratzer, Bjoern A. Zeeb
> +1 here.  I have one comment; please *don't* simply delete those lines
> from server/log.c, modules/mappers/mod_rewrite.c and, of course,
> modules/loggers/mod_log_config.c.  Please comment them out with
> /* XXX: this would be required in the Win32 parent */
> We don't have the mechanics in place so right now this is a beneficial
> noop on Win32.  However, we should be passing those handles on to
> all child processes.  That won't happen today, but will occur in the very
> near future.  The XXX comments will remind me what I need to wiggle
> to make this work.

I don't really understand this... the file_inherit interface concerns
whether files are inherited by exec()d processes, not any "child
processes", on Unix.  Is there some mismatch in the Win32
implementation?  Why should httpd need this APR call specifically for



View raw message