Title: RE: Possible security enhancement to apache server
Hi,
I would like to discuss with anybody who knows the internals of the
software the viability of an Apache server change along the
following lines.
snipsnip
Another way of getting the (semi) same result is forwarding
Hi,
I would like to discuss with anybody who knows the internals of the
software the viability of an Apache server change along the following lines.
Verbose mode on.
Apache is mostly started by system scripts at boot time, and as such, is
started as root. From there, it can change uid and gid
i did something similar ages ago... and i think manoj did some followon
work to my patch. my idea was to use a wrapper much like innd uses, just
to open the socket.
if you look at http://arctic.org/~dean/apache/1.3/arctic_mods_v2.patch
and search for pre_opened_socket, permanent_listeners, and
On 26 Jun 2001 10:01:14 +1000, David Campbell wrote:
Hi,
I would like to discuss with anybody who knows the internals of the
software the viability of an Apache server change along the following lines.
Verbose mode on.
Apache is mostly started by system scripts at boot time, and as such,
Ian,
Like I said, the apache config files need to be writable by the control-centre
so they'd have to be writeable by the uid under which the control-centre runs.
Then I guess that apache could be launched from sudo and then change down to a
different
uid that could read the config files as