httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Querna <>
Subject Re: [RFC] Apache Privilege Separation for WebDAV (now against 2.2.6)
Date Wed, 19 Dec 2007 10:02:02 GMT
Michael Clark wrote:
> Hi Folks,
> I posted a note about my privilege separation patches the other day
> and received some good private help/feedback, and have now made the
> patches a considerable amount more portable and they are using apr
> much more extensively.
> The patch is now fully modular and allows mod_privsep to be compiled
> out (although it does add some additional hooks to the core).

First off, I want to say, this is a very cool set of patches, and I 
would like to see it or some derivative go into trunk!
> Due to the nature of the patch it has to change some core code
> to use privileged wrapper calls for file io. I can't see any way
> around this - I have tried to minimise the impact by adding hooks.

How you stubbed out the file io seems fine for the lifetime of 2.2.x and 
maybe 2.4.x, but in the long run, I believe we need to support some kind 
of "VFS" layer, to make all IO pluggable. (open file, directory listing, 
etc etc).

Preferably Async IO and pluggable too :-)

Dream mode on:
<Location /upload>
    Dav On
    Mount privsep:/opt/upload

# static content
<Location /mysite>
    Mount /www/content

# proxied content
<Location /foo>
    Mount balancer://bigcluster

Anyways, if all IO was abstracted with a little VFS layer, it would mean 
all modules would now work with your privilege separation code, rather 
than just the core, mod_autoindex, and any other modules you write 
patches for :-)

View raw message