httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <minf...@sharp.fm>
Subject Re: new watchdog module
Date Thu, 05 Feb 2009 00:11:20 GMT
Ruediger Pluem wrote:

> This seems to be a very valid concern to me. Plus in the parent it runs with root
> privileges and we should minimize the code that runs with these privileges, even
> more so as an author of code that uses the watchdog may not really be aware that
> its code is running under root (in contrast to people who develop modules like
> mod_unixd and mod_privileges).
> 
> So we shouldn't run this in the parent process but only in the childs or fork a
> separate child (like mod_cgid does) that only runs the watchdog if a
> single-instance-non-locking watchdog is needed.

I don't think there is a one size fits all solution to this, I think we 
should offer modules an option to spawn a thread/process/whatever both 
before or after the drop privileges step, and let the module author 
decide which is most relevant to them.

Because it would be an explicit choice, and not an implicit one, there 
would be no confusion as to what user was running this code.

Regards,
Graham
--

Mime
View raw message