httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Meyer <mwm-keyword-apache.b9a...@mired.org>
Subject ownership & mmaped files - I have to be missing something...
Date Thu, 11 Nov 2010 07:28:50 GMT
I'm working on a module that needs a couple of bits of shared memory,
some of it mmapped in. Since this is dealing with financial data,
things are run in as secure a mode as possible by default. And we want
things properly cleaned up as well.

So httpd starts as root so we can open port 80, then changes to an
unprivileged ID. If I set up the file map in the post-config-hook, it
winds up getting owned by root. In the child_init, the files isn't
mapped, so I attach it. Except I can't, because it's owned by root and
I'm no longer running as root.

Similar problems show up when I try and destroy the shared file when
I'm done with it. The cleanup run as the unprivileged ID, so can't
create the shm segments, files, etc. created by root in the init.

Is there a hook that runs after config in the parent, but as the
unprivileged id that I should be using? I couldn't find one (either in
the sources or on the web), so gave up and just set the euid before I
create those things. This seems dangerous - what if other threads are
running when I do this? 

Why does it seem that this problem isn't mentioned on the web at all?
Or is that just my search skills not being subpar? Or do people just
run everything as root for this?

Help?

	Thanks,
	<mike
-- 
Mike Meyer <mwm@mired.org>		http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.

O< ascii ribbon campaign - stop html mail - www.asciiribbon.org

Mime
View raw message