httpd-dev mailing list archives

From "William A. Rowe, Jr." <>
Subject Re: Configuration Issues to Address [was Re: Dynamic configuration for the hackathon?]
Date Thu, 03 Apr 2008 14:17:47 GMT
Jorge Schrauwen wrote:
>>  ... if we had a config finalize, modules who were prepared to declare
>>  their config (e.g. mod_vhost declaring the per-host directory merges
>>  "completed") then as-root, we can finish these out, opening logs with
>>  full privileges.  Other merges will happen at run time (or be optimized
>>  when we can accomplish this) per-request.
> So does a setup like this make it possible for the processes/thread
> handling the request to change to the correct UID/GID before
> reading/writing files? Just something that popped into my head when
> reading this.

No.  Once the httpd engine finishes the config phase altogether, we
continue to drop from root to the desired UID/GID and that process
must not have the privilege to change these again.  The request engine
... which is the container where exploits are targeted, must remain
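
The startup order described in the reply above (open logs while still root, then drop to the configured UID/GID with no way back), as an added C example that is not httpd's code and not part of the original message. `drop_privileges`, the log path and the 65534 IDs are hypothetical placeholders.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently switch to uid/gid.
 * Returns 0 on success, -1 on any failure (the caller should exit). */
int drop_privileges(uid_t uid, gid_t gid)
{
    int was_root = (geteuid() == 0);

    if (uid == 0 || gid == 0) {   /* root is never a valid drop target */
        errno = EINVAL;
        return -1;
    }
    /* Order matters: groups and gid first, while we can still change them. */
    if (was_root && setgroups(1, &gid) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;

    /* Verify the ids changed and that root cannot be regained. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample: the path and the 65534 ids are placeholders. */
    int log_fd = open("/tmp/example-error.log", O_WRONLY | O_CREAT | O_APPEND, 0600);
    if (log_fd < 0) { perror("open"); return 1; }

    if (drop_privileges(65534, 65534) != 0) {
        perror("drop_privileges");
        return 1;
    }
    /* The descriptor opened before the drop stays usable afterwards. */
    dprintf(log_fd, "running as uid %d\n", (int)getuid());
    close(log_fd);
    return 0;
}
```

Run as root, `main` opens the log with full privileges and the unprivileged process keeps only the already-open descriptor; the final `setuid(0)` probe treats a successful return to root as a failure.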
