Mailing-List: contact docs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: docs@httpd.apache.org
From: =?ISO-8859-1?Q?Andr=E9?= Malo <nd@perlig.de>
Subject: Re: [Review] mod_dav.xml split (Revision)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Organization: TIMTOWTDI
References: <n2m-g.1eakttep6cuy9ndparker@news.perlig.de>
 <Pine.WNT.4.33.0211122040330.-1812225-100000@jgcomputer>
Date: Wed, 13 Nov 2002 23:13:29 +0100
To: docs@httpd.apache.org
Message-ID: <n2m-g.hg54k8pwtq3q$ndparker@news.perlig.de>
User-Agent: Yes!

* Joshua Slive wrote:

> The DavLockDB is written as the httpd User/Group, correct? 

yep. (resp. the process uid/gid, think of perchild)

> Is it safe to
> write it to a publicly writable directory like /tmp? 

hmm. I think no.

> If so, we should
> change the example in the DavLockDB directivesynopsis to recommend that,
> since it now points to logs/DavLock.  If not, we should change the other
> examples to logs/DavLock, and we should document the necessity to
> touch/chown the file before starting apache.

The problem is: "normal" logfiles are usually opened as root, so in fact 
*nobody* needs write access to the logs directory. Actually one should 
create a separate directory for runtime lo[g|ck]s, like DavLock, 
RewriteLog, ScriptLog (?). Or is this too paranoid?

(of course, this doesn't affect the win32 'user concept'...)

nd
-- 
s  s^saaaaaoaaaoaaaaooooaaoaaaomaaaa  a  alataa  aaoat  a  a
a maoaa a laoata  a  oia a o  a m a  o  alaoooat aaool aaoaa
matooololaaatoto  aaa o a  o ms;s;\s;s;g;y;s;:;s;y#mailto: #
 \51/\134\137| http://www.perlig.de #;print;# > nd@perlig.de

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org