httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: [PATCH] pid safety checks for 2.2.x
Date Thu, 05 Jul 2007 16:16:44 GMT

On Jul 4, 2007, at 12:52 PM, Joe Orton wrote:

> On Thu, Jun 28, 2007 at 12:50:37PM -0400, Jim Jagielski wrote:
>> On Jun 28, 2007, at 7:56 AM, Joe Orton wrote:
>>> So, final comments on this?  If there's consensus that this is the
>>> approach to take I'll revert the pidtable stuff out of trunk, commit
>>> this there, and propose the backport.
>>>
>>
>> Don't forget the 1.3 branch...
>
> I've been trying to get a patch together for 1.3.x but the portability
> stuff keeps biting me - accurately detecting presence of getpgid is
> harder with the 1.3 build system even on Linux (it's hidden without
> _GNU_SOURCE defined, but helpers/TestCompile still detects it... etc).
>
> So I'd say stick with the existing pid-table stuff for 1.3 - I  
> tested it
> with mod_scribble and it prevents the exploits tested there.
>

I agree... I also tried porting the pgid stuff back and it
was not as easy or straightforward as I would have hoped.
With 1.3, having a parent table is certainly more "self-contained"
than possible with 2.x and doesn't involve any portability
issues, afaikt.




Mime
View raw message