httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Querna <c...@force-elite.com>
Subject Re: [RFC] Apache Privilege Separation for WebDAV (now against 2.2.6)
Date Wed, 19 Dec 2007 10:02:02 GMT
Michael Clark wrote:
> Hi Folks,
>
> I posted a note about my privilege separation patches the other day
> and received some good private help/feedback, and have now made the
> patches a considerable amount more portable and they are using apr
> much more extensively.
>
> The patch is now fully modular and allows mod_privsep to be compiled
> out (although it does add some additional hooks to the core).

First off, I want to say, this is a very cool set of patches, and I 
would like to see it or some derivative go into trunk!
> Due to the nature of the patch it has to change some core code
> to use privileged wrapper calls for file io. I can't see any way
> around this - I have tried to minimise the impact by adding hooks.
>

How you stubbed out the file io seems fine for the lifetime of 2.2.x and 
maybe 2.4.x, but in the long run, I believe we need to support some kind 
of "VFS" layer, to make all IO pluggable. (open file, directory listing, 
etc etc).

Preferably Async IO and pluggable too :-)

Dream mode on:
<Location /upload>
    Dav On
    Mount privsep:/opt/upload
</Location>

# static content
<Location /mysite>
    Mount /www/content
</Location>

# proxied content
<Location /foo>
    Mount balancer://bigcluster
</Location>

Anyways, if all IO was abstracted with a little VFS layer, it would mean 
all modules would now work with your privilege separation code, rather 
than just the core, mod_autoindex, and any other modules you write 
patches for :-)
>


Mime
View raw message