httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Albert Lash" <albert.l...@docunext.com>
Subject Re: server-status and privacy
Date Fri, 02 Jul 2010 00:45:58 GMT

> There have been a few reports regarding how server-status "leaks"
> info, mostly about our (the ASF's) open use of server-status and
> how IP addresses are exposed.
>
> I'm thinking about a patch that adjusts server-status/mod_status
> to have a "public vs. private" setting... Public would be to
> have IP addresses exposed as public info; private would be to
> not expose 'em (keep 'em private).
>
> Comments?
>

This is a cool idea! It reminds me of the ability to privatize email
addresses when publishing mailing lists as html with something like
Monharc.

FYI - when I first read your email, I thought you were proposing some sort
of ACL keywords for public v. private subnets.

-- 
http://www.docunext.com/


Mime
View raw message