httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Clark <mich...@metaparadigm.com>
Subject Re: [RFC] Apache Privilege Separation for WebDAV (now against 2.2.6)
Date Thu, 13 Dec 2007 12:32:11 GMT
FYI

Michael Clark wrote:
> http://oss.metaparadigm.com/apache-privsep/2.3.0-dev/mod_privsep-2.3.0-0.2.patch 
>
>
> The module proper, implements the privsep privileged operation process 
> that listens on a unix socket for privileged operations and performs 
> them on behalf of the unprivileged apache worker processes.

I have since made a fix for a file descriptor leak in the 
ap_privsep_file_open implementation due to my assumption that 
apr_os_file_put did the cleanup for me.

  
http://oss.metaparadigm.com/apache-privsep/2.3.0-dev/mod_privsep-2.3.0-0.2.1.patch

There is also a newer version of the patch which depends on Iain Wade's 
recent apr patch proposals (sent to apr-dev list) to add a working 
version of apr_os_dir_put (called apr_os_dir_put_ex) and a version of 
apr_os_file_put (named apr_os_file_put_ex) that can register a cleanup.

  
http://oss.metaparadigm.com/apache-privsep/2.3.0-dev/mod_privsep-2.3.0-0.2.2.patch

With Iain's patch I am now able to remove any dependencies on internal 
apr structures and arch headers needed to work around limitations (and a 
little brokenness *) in apr_os_dir_put and apr_os_file_put

* Note: it was not previously possible to get a properly working 
apr_dir_t using apr_os_dir_put interface, apr_os_dir_put_ex fixes this 
problem.

Michael.

Mime
View raw message