Return-Path: Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: (qmail 3163 invoked from network); 24 Jun 2010 12:32:56 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 24 Jun 2010 12:32:56 -0000 Received: (qmail 21534 invoked by uid 500); 24 Jun 2010 12:32:56 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 20872 invoked by uid 500); 24 Jun 2010 12:32:52 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 20858 invoked by uid 99); 24 Jun 2010 12:32:51 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Jun 2010 12:32:51 +0000 X-ASF-Spam-Status: No, hits=-0.2 required=10.0 tests=AWL,FREEMAIL_FROM,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of trawick@gmail.com designates 209.85.160.173 as permitted sender) Received: from [209.85.160.173] (HELO mail-gy0-f173.google.com) (209.85.160.173) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Jun 2010 12:32:46 +0000 Received: by gyd5 with SMTP id 5so3937340gyd.18 for ; Thu, 24 Jun 2010 05:32:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=7dPTRRJ0Gw9d/NtCwz3EXDyv0X449XgyAlFqw0n7a3A=; b=hDwO1PPcJgm4UJiyQpNSbC2ZuwYF+hr2gb/ViAmdflh6cfLojPQVaJnqlq39pp/ARH Ic3kdzzWU2KWgdoqdtZUtuxeN5b3pP1cgW+ycCbBJMWUSGSO02je7MSkgtIeMMD0y0h2 W3fKqMzq9l6WlU4AOcQWxlggZ3PA256y51JEQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=PQOAZNbXz8GsqJW8xDNfRutxPetfyD/FT5Pla4+hivDXTc6qS3OjsGC4dbnLeySEk1 /x2mV6MYfV7kUV/mF+USrIzu5ZQoB+UxATILFvOfAwZzcnJZZtCaCan0VO+y0TsLpGFA 58248IvsuUyRLBb3XnxGtKiD6Pz+ZrU8r/B+0= MIME-Version: 1.0 Received: by 10.101.129.23 with SMTP id g23mr8106223ann.68.1277382745647; Thu, 24 Jun 2010 05:32:25 -0700 (PDT) Received: by 10.100.48.15 with HTTP; Thu, 24 Jun 2010 05:32:25 -0700 (PDT) In-Reply-To: <4C233C16.9080801@schwicking.de> References: <4C20642D.5040207@schwicking.de> <4C233C16.9080801@schwicking.de> Date: Thu, 24 Jun 2010 08:32:25 -0400 Message-ID: Subject: Re: server-status and privacy From: Jeff Trawick To: dev@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Thu, Jun 24, 2010 at 7:05 AM, gmx@schwicking.de wrot= e: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Nick Kew wrote: >> On 22 Jun 2010, at 08:20, gmx@schwicking.de wrote: >> >>> Just as a hint: i posted a patch about two weeks ago, >> >> Pointer? =A0Was that somewhere in bugzilla? =A0I don't see it on-list. >> > I have not opened a bug report yet. I was about to, when this thread > started. > > If the outcome of this thread is, that nothing will be done, i will open > a bug report and attach the patch. > > The patch is also attached to this mail for your convinience :-) Configuring the mod_status handler name is no real solution and won't be committed. A general capability would need to be added to the server to handle this situation (e.g., restrict one/all handler adjustment from .htaccess when FileInfo can be overridden, or something else altogether). In the meantime, just edit your mod_status.c to change the handler name and lock down the config and anything that can look at it (filesystem access/mod_perl/mod_info/???).