Re: [mod-security-users] When will we see 1.8?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] When will we see 1.8?
|
From: Ivan R. <iv...@we...> - 2004-04-26 10:51:07
|
>> Sure, but mod_security will kill every child Apache spawns. I've >> added a delay to prevent too many processes to get created and >> killed at the same time, but the whole thing will prevent Apache >> from serving any requests. > > Hmm, in that case, why can mod_security not simply kill the "mother" Apache > process itself? (the child, running as "nobody", or "www", can obviously not > kill the parent, who runs as root; but mod_security could kill its own > Apache process, right?). Or am I missing something again? It does just that (exits its own process). But it is the parent process running as root that spawns new children. I've put this mechanism in place just in case. Apache not running is a bug. Chroot not working is a but *and* a security issue. Anyway, if I got it right this time it will never have to manifest itself. Bye, Ivan |
