httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rici Lake <r...@ricilake.net>
Subject Re: Inclusion of mpm-itk into HEAD
Date Wed, 27 Jun 2007 22:37:46 GMT

On 27-Jun-07, at 1:01 PM, Joshua Slive wrote:

> On 6/27/07, Nick Kew <nick@webthing.com> wrote:
>
>> This is a problem that could be solved by documentation.
>> Maybe not quite as simple, but when the alternative is accepting
>> new connections whilst running as root.
>
> Here's a start:
> http://wiki.apache.org/httpd/Recipes/Privilege_Separation
>

I just added a section to:

http://wiki.apache.org/httpd/Recipes/ 
Different_UserIDs_Using_Reverse_Proxy

which could also use a bit of polishing. It uses mod_rewrite to do the  
proxying, rather than virtual hosts, which makes it possible to avoid
having to change the proxy server's configuration when adding or
deleting user servers.

If the user servers are listening on high ports, then they can be
started as the user/group rather than as root, and the owner could
have quite a bit of flexibility in configuring their server. It's
quite possible that less reliance on .htaccess files would actually
compensate for the additional cost of running multiple server
instances.


Mime
View raw message