On Wed, 2004-01-07 at 09:56, Stas Bekman wrote:
Geoffrey Young wrote: [...]
Sorry for kicking in late on this thread, but lemme share my 0.02$
I'm very unhappy about this change in Apache, but besides me everybody keeps quiet and doesn't complain/looking for solutions in the core of the problem, I won't be surprised that it'll stay that way.
Well, being a bit slanted on the security side, I agree with mandatory escaping of the error_logs, as annoying it might be for development reasons.
If Apache doesn't remove this change, I'm thinking that we will provide an alternative implementation in mod_perl and have a compile time option which will choose Apache's implementation vs. ours (ours will be just a copy of Apache's core implementation before this change). How does this sound? Of course users should be aware of the potential risks if they choose ours.
I don't like much the idea of having mod_perl do something like that, at least not with *BIG RED LETTERING* warning joe-user.
It has been already solved, by introducing a compile time define in httpd which will prevent that escaping. Geoff, was it backported to 2.0 already? I suppose you have added your +1, right?
But, why not work around this issue completely by introducing : ModPerlErrorLog logs/modperl_log
Or something similar? Then there is no problem anymore and we can do whatever we feel like with logs, color codes, etc.
That's a bad idea, IMHO. You will have to monitor two log files instead of one.
And even if you did that, what do you achive? You will have to drop the C API for logging and reimplement from scratch.
__________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
