httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Plüm, Rüdiger, VF-Group" <ruediger.pl...@vodafone.com>
Subject RE: Should server start if module cannot behave as configured?
Date Wed, 09 Sep 2009 15:23:14 GMT
 


________________________________

	From: Jeff Trawick Sent: Mittwoch, 9. September 2009 16:58
	To: dev@httpd.apache.org
	Subject: Re: Should server start if module cannot behave as configured?
	
	
	On Wed, Sep 9, 2009 at 8:57 AM, Dan Poirier <poirier@pobox.com> wrote:
	

		mod_auth_digest cannot implement nonce-count checking or the md5-sess algorithm if the platform
doesn't have shared memory.
		
		Right now, if the admin configures either of these options and the platform doesn't have
shared memory, the module issues a warning and continues without the requested option.
		
		In my opinion, if a security check that the admin requested in the configuration cannot
be implemented, it should be more than a warning; it should be a fatal startup error.
		
		What's the consensus on changing this?
		
		1) What's the right behavior?
		


	fail at startup 
	 
	+1
	 
	Regards
	 
	Rüdiger 
	 
	


Mime
View raw message