apache2-mpm-itk little quirks

To: debian debian-isp <debian-isp@lists.debian.org>
Subject: apache2-mpm-itk little quirks
From: Dan MacNeil <dan@thecsl.org>
Date: Fri, 04 Apr 2008 16:45:52 -0400
Message-id: <[🔎] 47F69380.6030906@thecsl.org>

A while back there was some interesting discussion ofapache2-mpm-itk on this list.

The big advantage is that this Multi-Processing Module lets youeasily set the user and group a particular apache virtual serverruns as. If everything isn't running as www-data, it is harderfor a compromised script on one site to wreak havoc on another site.

mpp-itk requires much less config and hassle than uexec suphp andfriends.


I've recently come across a couple quirks:

  1) libapache2-mod-security2 runs as the user
     you set in your virtual server configuration.
     so at least if you have:

	SecAuditLogType Concurrent
..then
	SecAuditLogStorageDir

...needs to be world writable

	2) libapache2-mod-cband segfaults

Probably for #1, SecAuditLogStorageDir can be set per virtualhost, so no big deal.

I'll file a proper bug report on #2 , but thought I'd kick thisto the group first.

Reply to:

Prev by Date: Re: bind9 graphical admin interface
Next by Date: URGENT ATTENTION NEEDED
Previous by thread: Re: EV SSL Certificates, make our own?
Next by thread: URGENT ATTENTION NEEDED
Index(es):
- Date
- Thread