On May 6, 2008, at 4:12 PM, Nick Gearls wrote:
If there's a chance to add it, I'm ready to write the doc patch
I did below a while ago. May be useful as a start.
Dw
Index: mpm_common.xml
===================================================================
--- mpm_common.xml (revision 653793)
+++ mpm_common.xml (working copy)
@@ -1039,14 +1039,26 @@
<module>prefork</module><module>worker</module></modulelist>
<usage>
- <p>This directive, available in httpd 2.2.9(?) and later, tells the
+ <p>This directive, available in httpd 2.2.9(?) and later on unix,
tells the
server to <var>chroot(8)</var> to the specified directory after
- startup, but before accepting requests over the 'net.</p>
- <p>Note that running the server under chroot is not simple,
- and requires additional setup, particularly if you are running
- scripts such as CGI or PHP. Please make sure you are properly
- familiar with the operation of chroot before attempting to use
- this feature.</p>
+ startup and logfile-opening, but before accepting requests over
the 'net.</p>
+ <note type="warning"><title>Security</title>
+ <p>Note that running the server under chroot is not simple,
+ and requires additional setup, particularly if you are running
+ scripts such as CGI or PHP. Please make sure you are properly
+ familiar with the operation of chroot before attempting to use
+ this feature.</p>
+ </note>
+ <p>In conjunction the <directive module="mod_so">LoadFile</
directive>
+ directive which can be used to load dependencies (for example a
library such as
+ <code>libgcc_s.so.1</code>) prior to the chroot - thus allowing
+ a nearly empty chroot environment. See the <page href="howto/
chroot.html">
+ howto on chroot</page> for more information.
+ for an example.
+ <note><title>Note</title>
+ <p>This directive is only available on unix platforms which
+ support chroot(2).</p>
+ </note>
</usage>
</directivesynopsis>
