httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From KaiGai Kohei <kai...@ak.jp.nec.com>
Subject Re: [RFC] A new hook: invoke_handler and web-application security
Date Thu, 09 Apr 2009 23:46:21 GMT
Stefan Fritsch wrote:
> On Thursday 09 April 2009, Graham Dumpleton wrote:
>> Only you would know that. But then, I could be pointing you at the
>> wrong MPM. There is from memory another by another name developed
>> outside of ASF which intends to do the same think. The way it is
>> implemented is probably going to be different and may be the one I
>> am actually thinking of. I can't remember the name of it right now.
> 
> Maybe you mean MPM itk, which can change to different users for 
> different vhosts?
> 
> http://mpm-itk.sesse.net/

Thanks for your information.

It is designed on the prefork. It makes a child process for each
connection to call ap_process_connection() in separated context,
and the parent waits for the completion of this.
In addition, it assigns configured uid/gid on the header_parser hook,
then contents handlers are invoked.

It seems to me that we can share its basic idea and design.
The mpm-itk also has separatable two functionalities:
 1. it makes a process for each connection.
 2. it assigns privileges on a process.

I believe we are now on the right direction.

Thanks,
-- 
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>

Mime
View raw message