On 7 Nov 2009, at 06:25, Brian Rectanus wrote:
Yes, mod_security requires it. Many who use mod_security may not even realize it. It would be a shame to have vendors drop it by default, which would make mod_security a bit more difficult to install on vendor built httpd installs.
Isn't that overstating a case? We have a steady trickle of people who we have to tell to disable it to get a working webserver (and no doubt many more who quietly find that advice by googling their problem). So mod_security can't just assume it has mod_unique_id in any case.
I have not really seen any other product use it though and have debated rewriting something similar to include in mod_security. Who "owns" the mod_unique_id code? Maybe it could be donated to mod_security to include it in it's own code so we don't have to wory about it?
You're Breach Security, right? Is that an official request? How hard have you looked for other apps? You can get the history of who committed and subsequently maintained it from svn.apache.org/viewvc. And you can of course clone it. But we generally prefer you participate here @apache.org if you find it needs more maintenance than it's getting from us. -- Nick Kew
