[EMAIL PROTECTED] wrote:
>brane 2003/03/18 15:10:15
>
> Modified:include apr.hw apr.hnw apr.h.in
> .configure.in CHANGES
> Log:
> Define a printf format and format length for apr_uint64_t.
> Also define APR_INT64_T_FMT_LEN on Windows and Netware; Unix already
>
On Tue, Mar 18, 2003 at 09:56:04PM +, Bjoern A. Zeeb wrote:
> On Tue, 18 Mar 2003, Joe Orton wrote:
> > 2. otherwise: even when you set CLOEXEC, the arbitrary binary which
> > can be fork/exec from an untrusted PHP script can then just use
> > ptrace() to arrange for any httpd child to run arbi
On Tue, 18 Mar 2003, Joe Orton wrote:
Hi,
> "security risk" is that PHP will let you fork/exec any executable
we are not talking about mod_php here - at least I do not.
> 2. otherwise: even when you set CLOEXEC, the arbitrary binary which
> can be fork/exec from an untrusted PHP script can the
On Tue, Mar 18, 2003 at 12:37:16PM -0600, William Rowe wrote:
> At 04:03 AM 3/18/2003, Joe Orton wrote:
> >On Mon, Mar 17, 2003 at 11:59:42PM -0600, William Rowe wrote:
> >...
> >> If Brad or Brian are available - I will need your eyes on the Unix
> >> patches - and I don't want to go weeks before
At 04:03 AM 3/18/2003, Joe Orton wrote:
>On Mon, Mar 17, 2003 at 11:59:42PM -0600, William Rowe wrote:
>...
>> If Brad or Brian are available - I will need your eyes on the Unix
>> patches - and I don't want to go weeks before we release 0.9.2.
>> If we can address these issues on those platforms b
On Mon, Mar 17, 2003 at 11:59:42PM -0600, William Rowe wrote:
...
> If Brad or Brian are available - I will need your eyes on the Unix
> patches - and I don't want to go weeks before we release 0.9.2.
> If we can address these issues on those platforms by Wed that
> would be *really* terrific!
So
On Mon, 17 Mar 2003, William A. Rowe, Jr. wrote:
Hi,
just skipped through; too late for everything more.
> --- file_io/unix/open.c 6 Mar 2003 09:24:17 - 1.110
> +++ file_io/unix/open.c 17 Mar 2003 22:58:30 -
...
> @@ -191,7 +213,10 @@
>
> if (!(flag & APR_FILE_NOCLEANUP)) {
>
On Mon, 17 Mar 2003 23:59:42 -0600, William A. Rowe, Jr. wrote:
>At 11:47 PM 3/17/2003, William A. Rowe, Jr. wrote:
>>With a small typo pointed out by Bjoern, and fixing at least the
>>prototypes for the socket v.s. file implementations of inherit, here
>>is the revised patch. It is 'theoretical
At 11:47 PM 3/17/2003, William A. Rowe, Jr. wrote:
>With a small typo pointed out by Bjoern, and fixing at least the
>prototypes for the socket v.s. file implementations of inherit, here
>is the revised patch. It is 'theoretical' - I'll vet it on OS/X in
>the morning.
YOW! Please ignore the OS
With a small typo pointed out by Bjoern, and fixing at least the
prototypes for the socket v.s. file implementations of inherit, here
is the revised patch. It is 'theoretical' - I'll vet it on OS/X in
the morning.
I have one question; should we also be toggling sockets as
FD_CLOEXEC? Common se
10 matches
Mail list logo