On Wed, 18 Jun 1997, Garry Glendown wrote: > Matthew J. Probst wrote: > > I think it could be completely stable if we ran a seperate httpd process > > all together (with stripped out config files, and only one child process) > > that is attached to some port of the machine other than 80 and is > > dedicated to modifying the main server config files and re-huping the > > daemon. The one httpd would have to run under root and only root though.. > > Apache supports access to different ports from one server process ... > so, technically, the same server could do both ...
Except for the little fact that on most setups (ie. where the server is started as root) anyone who can modify the config files can get root, and I don't want the user my server runs as to be able to get root. It would, of course, be possible to implement it with an external CGI that is setuid.
