On Fri, May 22, 2009 at 5:10 PM, William A. Rowe, Jr. <wr...@rowe-clan.net>wrote:
> Jeff Trawick wrote: > > > > Backing up a bit... > > > > I originally thought we could map bit values in 2.2.x to avoid affecting > > modules, but that isn't possible since includes-with-exec is two bits > > instead of one. > > Hold on... I think this can still work; > > * Retain new true 'Includes' bit as old IncludesNoExec macro value > Keep ancient Includes flag bit as 256, never true. > > - all httpd modules testing for including but not executing > permission see the permission as allowed > > - old httpd modules testing for includes with exec permission > see the permission as denied, until they update the module > > - httpd modules which force/override the includes without exec > permission would still work > > - httpd modules which force/override the includes exec behavior > would just fail to update anything (256 & 0xff == 00), so it > becomes a noop until they update the module > > So it has no negative security consequences, still would require > an update to the rare module, but lets us ship something without > really nasty side effects. > I'll think harder about this once my latest proposal gets shot down ;)
