httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <>
Subject Re: mpm-itk and upstream Apache, once again
Date Thu, 19 Jul 2012 16:26:23 GMT
On Thu, 19 Jul 2012 17:38:31 +0200
"Steinar H. Gunderson" <> wrote:

> On Thu, Jul 19, 2012 at 11:27:04AM -0400, Jeff Trawick wrote:
> > What changes are needed to httpd trunk so that you can build mpm-itk
> > with apxs and enable it via LoadModule, such that mpm-itk is fully
> > functional?  As I'm sure you're aware, prefork, worker, and event are
> > all untied from core enough to support that in httpd >= 2.4.
> We'd need:
>   1. A hook right after merging the perdir config.

Does it run per-dir config as root?

How does it protect against such potential attacks as running an
external program as root through a RewriteMap running earlier
than the directory walk?

Given that the header_parser runs immediately after directory
config in request.c, are there specific reasons (beyond inelegance)
not to run as header_parser with REALLY_FIRST?

>   2. Fixes to get Apache to drop the connection if it detects
>      (during .htaccess lookup) that it would need to change the uid.

Dropping the connection gratuitously breaks HTTP, and so has no
place in httpd (of course, a third-party module sets its own rules).
Would it need a core patch to return an Internal Server Error (500)?

Nick Kew

View raw message