httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: [users@httpd] any reasons not to compile with -enable-exception-hook?
Date Fri, 19 Sep 2008 03:35:54 GMT
fredk2 wrote:
> Hi,
> 
> is there any reasons why you would not want in production (or hardened
> server) an apache compiled with -enable-exception-hook?

Yes.  You can and should expect that once the server is compromised, it's
possible although highly unlikely that the actual target of that hook is
also compromised.  Many would rather that the process was brought down,
hard, at the first exception, and that code no longer ran in that context.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message