[Originally posted from an address that isn't subscribed to this list - apologies if it gets duplicated]
I've just introduced mod_privileges to Apache HTTPD trunk. This is a platform-specific module for Solaris 10 and OpenSolaris, that makes the webserver privileges(5)-aware. This enables the server to be run with enhanced security, and with different settings per virtual host. The feature likely to be of most interest is that it enables different virtual hosts to run under different Unix user and group IDs, using the VHostUser and VHostGroup directives. This is the capability once promised by the "perchild" MPM. It has one major drawback: it is not suitable for a threaded MPM. However, it is ideally suited for use with PHP, which of course also precludes threads. It should also be of interest to anyone hosting other in-process scripting environments such as mod_perl, mod_python or mod_ruby, or application modules. http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/arch/unix/mod_privileges.c http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_privileges.xml -- Nick Kew -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/webstack-discuss/attachments/20081114/93a1cc1d/attachment.html>
