[LUGOS] web server z full privilege separationom
Rok Potočnik
r at rula.net
Tue Dec 1 07:37:25 CET 2009
Jure Pečar wrote:
> apache mpm itk si že pogledal?
glede na spletno stran nobena apache* resitev ni produkcijska...
http://wiki.apache.org/httpd/PrivilegeSeparation
...
MPM-ITK, on the other hand, processes request headers under root,
switches to the target userid, and then kills the httpd process when
finished serving the connection. As discussed above, this has serious
security and performance implications.
At the present time, you should only attempt to use one of these MPMs if
you fully understand the security and performance trade-offs involved.
--
LP, Rok
More information about the lugos-list
mailing list