Nick Kew wrote:
> Jeff Trawick wrote:
>> Nick Kew wrote:
>>> As you may know, I've recently written a module mod_privileges
>>> that makes Apache HTTPD privileges(5)-aware, and provides a
>>> solution for the long-standing problem of running different
>>> virtual hosts under different Unix users/groups.
>>> http://httpd.apache.org/docs/2.3/mod/mod_privileges.html
>>>
>>> mod_privileges works only with development versions of Apache.
>>> I'm proposing a backport to make it work with the release
>>> version 2.2, and include it as standard in Sun's webstack.
>>> I attach a draft: comments welcome.
>>
>> BTW, how big a patch is needed to Apache 2.2?
>
> It's small and straightforward enough, having figured out the
> sequencing while working on trunk through mod_unixd and the
> drop_privileges hook. All the non-trivial work is essentially
> done in having figured that lot out.
>
cool; I didn't see anything in the ARC about Apache specifically so I
guess it has no new interface?
A few comments/questions:
What is privileges-scan?
Is 64-bit Apache supported?
(i.e., will there be
/usr/apache2/2.2/libexec/${ISAINFO}/mod_privileges.so?)
Is a sample configuration snippet provided?
(/etc/apache2/2.2/samples-conf.d/privileges.conf)
For "Patch to httpd core /usr/apache2/2.2/bin/httpd"...
Does that introduce any user interfaces, or is it all implementation
details, in which case I don't think the ARC has
to mention it.
