Hello,

I'd like to send a short note about my Apache module
for serving a socket policy file in a more effective and
secure way than many current scripts on the net do:

It can't be blocked by a slow/malicious client,
runs with reduced privileges (as "apache", "www", "nobody", YMMV)
and doesn't read any input from clients at all.

I've yet to add documentation and Redhat/CentOS rpm packages
and I also plan to make it configurable through httpd.conf, but anyway
it is already useable - you can find my mod_socket_policy.c here:

http://code.google.com/p/mod-socket-policy/source/browse/#svn/trunk

Adjust the POLICY string for your needs, then compile and install it with

       apxs -c mod_socket_policy.c
       apxs -i mod_socket_policy.la

then add the following lines to your httpd.conf:

    LoadModule socket_policy_module modules/mod_socket_policy.so
    Listen 843
    <VirtualHost _default_:843>
    </VirtualHost>

and remember to open the port 843 in your firewall + if you run SELinux:

    semanage port -a -t http_port_t -p tcp 843

and you should be ready to go.

The license is open-source and allows commercial usage.

Optionally there is also a socket-policy.pl for a quick start,
it should run on Windows with ActivePerl as well.

Regards
Alex
_______________________________________________
Flashcoders mailing list
Flashcoders@chattyfig.figleaf.com
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
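
A lint for the POLICY string before it is compiled into the module, as an added example that is not part of the original post or of mod_socket_policy. It assumes the string is a standard Adobe socket policy document (`cross-domain-policy` with `allow-access-from` entries); the sample policies and the 1024-port threshold are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed samples; the module's actual POLICY string is not shown in the post.
PERMISSIVE = '<cross-domain-policy><allow-access-from domain="*" to-ports="*"/></cross-domain-policy>'
RESTRICTED = ('<cross-domain-policy><allow-access-from domain="games.example.com" '
              'to-ports="8080,9000-9010"/></cross-domain-policy>')


def port_findings(spec):
    """Return problems found in a to-ports value such as "80,8000-8010" or "*"."""
    found = []
    for part in (p.strip() for p in spec.split(",")):
        lo, sep, hi = part.partition("-")
        if part == "*":
            found.append("to-ports wildcard grants access to every TCP port")
        elif not lo.isdecimal() or (sep and not hi.isdecimal()):
            found.append(f"unparseable port entry {part!r}")
        elif not 1 <= int(lo) <= int(hi or lo) <= 65535:
            found.append(f"port range {part!r} is out of bounds")
        elif int(hi or lo) - int(lo) >= 1024:
            found.append(f"port range {part!r} is wider than 1024 ports")
    return found


def audit_policy(xml_text):
    """Return a list of findings for one socket policy document (empty = clean)."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag != "cross-domain-policy":
        return [f"unexpected root element <{root.tag}>"]
    grants = root.findall("allow-access-from")
    findings = [] if grants else ["no allow-access-from entries: nothing is granted"]
    for g in grants:
        domain = g.get("domain", "")
        if domain == "*":
            findings.append("domain wildcard lets Flash content from any origin connect")
        elif domain.startswith("*."):
            findings.append(f"{domain} trusts every subdomain")
        ports = g.get("to-ports")
        if ports is None:
            findings.append(f"grant for {domain or '?'} has no to-ports attribute")
        else:
            findings.extend(port_findings(ports))
    return findings
```

`audit_policy(PERMISSIVE)` returns two findings (wildcard domain, wildcard ports), while `audit_policy(RESTRICTED)` returns an empty list.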
