RE: security!

2001-03-02 Thread Matt Sergeant 

On Thu, 1 Mar 2001, [EMAIL PROTECTED] wrote:

  I used to believe that too, but now that I've developed
  applications that make rather extensive use of the Apache API, I would
  actually love to have an environment similar to CGI but 
  providing the full
  Apache API, including logging, notes/pnotes, etc. 
 
 How would it be similar to CGI then?  I'm guessing you want to be able to
 register a separate program to handle any part of the request phase?

Similar to CGI in that it would fork a process (and hence we could use
suexec or whatever mechanism to suid). And yes, we should be able to
register it in whatever request phase.

-- 
Matt/

/||** Founder and CTO  **  **   http://axkit.com/ **
   //||**  AxKit.com Ltd   **  ** XML Application Serving **
  // ||** http://axkit.org **  ** XSLT, XPathScript, XSP  **
 // \\| // ** mod_perl news and resources: http://take23.org  **
 \\//
 //\\
//  \\

[CV] [JOB WANTED]

2001-03-02 Thread Matthew Byng-Maddick 

After not following up a lot of potential leads when I tried this last
time, I'm once again posting my CV here.

The CV in question is at

http://colondot.net/mbm/cv.shtml

I am up for doing sysadmin on any UNIX (although I'd prefer one of
FreeBSD/Solaris/Linux), mod_perl development (which I've spent the last
year and a half or so doing), apache development in C. Internet daemon
development of any sort (perl or C). Other kinds of Perl and C are also
good, but I've not done it so much.

Email me rather than the list to follow-up, please.

MBM

-- 
VMS, n.:   The world's foremost multi-user adventure game.

[OT] Re: security!

2001-03-02 Thread darren chamberlain 

Matt Sergeant ([EMAIL PROTECTED]) said something to this effect on 03/02/2001:
 ...now that I've developed applications that make rather extensive
 use of the Apache API, I would actually love to have an environment
 similar to CGI but providing the full Apache API, including logging,
 notes/pnotes, etc. I realise a lot of this would be tricky and would
 require RPC (thus opening up a security hole in its own right) but
 I think it would be worthwhile.

This is off-topic, pretty much, but interesting nonetheless.

I just stumbled across Apache DSSI URL:http://apache_dssi.tripod.com/,
which seems to allow for that. I haven't tried it out, or even
looked at the code yet, but the author apparently considers it
1.0 verion code.

Here is the summary from the page:

By using this extentions to mod_include, you can make your own
function for SSI (Server Side Includes) and you can call your
function with SSI directives. This solution is based on mod_so
and mod_include.  By using DSSI, you can integrate your CGI easily
and make your CGI faster than any other CGI accelerator.

The example the author gives pretty much sums it up (this is a
little long, sorry):

  temp_dssi.c:
  
  #include "httpd.h"
  #include "http_config.h"
  #include "http_request.h"
  #include "http_core.h"
  #include "http_protocol.h"
  #include "http_log.h"
  #include "http_main.h"
  #include "util_script.h"
  #include "util_date.h"
  
  int temp_dssi(request_rec *r, char *args)
  {
const char *s;
s = ap_table_get(r-subprocess_env,"QUERY_STRING");
if(s  *s)
  ap_rprintf(r,"%s\n",s);
if(args  *args)
  ap_rprintf(r,"%s\n",args);
return OK;
  }
  
  
  Compiling:
  
  $ gcc -c -I/apache_root_dir/include -O2 temp_dssi.c
  $ gcc -I/apache_root_dir/include -O2 temp_dssi.o -shared -o
  temp_dssi.so
  $ cp temp_dssi.so /apache_root_dir/libexec/
  
  
  httpd.conf:
  
  LoadDSSI libexec/temp_dssi.so
  
  
  temp_dssi.shtml:
  
  htmlbodypre
  !--#exec func="temp_dssi $DOCUMENT_ROOT" --
  /pre/body/html

(darren)

-- 
If NT is your answer, you don't understand the question.

[ANNOUNCE] Apache::AuthzCache 0.04

2001-03-02 Thread Christian Gilmore 

The uploaded file

Apache-AuthzCache-0.04.tar.gz

has entered CPAN as

  file: $CPAN/authors/id/C/CG/CGILMORE/Apache-AuthzCache-0.04.tar.gz
  size: 8624 bytes
   md5: 1a7794bc9878041af34f7fc4511b52ef

No action is required on your part
Request entered by: CGILMORE (Christian Gilmore)
Request entered on: Fri, 02 Mar 2001 21:21:18 GMT
Request completed:  Fri, 02 Mar 2001 21:21:28 GMT

Virtually Yours,
Id: paused,v 1.72 2000/12/26 15:12:53 k Exp k 


Apache::AuthzCache is designed to work with a mod_perl
authorization module to provide caching of group membership for
site users. For a list of mod_perl authorization modules see:
 
http://www.cpan.org/modules/by-module/Apache/apache-modlist.html
 
When a request that requires authorization is received,
Apache::AuthzCache looks up the REMOTE_USER in a shared-memory
cache (using IPC::Cache) and compares the list of groups in the
cache against the groups enumerated within the "require"
configuration directive. If a match is found, the handler returns
OK and clears the downstream Authz handlers from the
stack. Otherwise, it returns DECLINED and allows the next
PerlAuthzHandler in the chain to be called.
 
After the primary authorization handler completes with an OK,
Apache::AuthzCache::manage_cache adds the new group (listed in
REMOTE_GROUP) to the cache.

See AuthzCache.pm pod for detailed documentation.

$Id: README,v 1.1 2000/09/26 20:11:50 cgilmore Exp $


2001-02-28  Christian Gilmore [EMAIL PROTECTED]

o  Added requirement that Apache::Log be imported. Oversight found
   by Rod Bloodgood.
o  Made release 0.04

2001-01-08  Christian Gilmore [EMAIL PROTECTED]

o  Better handled pre-1.26 set_handlers bugs
o  Made release 0.03

2000-09-26  Christian Gilmore [EMAIL PROTECTED]

o  Made first public release 0.02

$Id: ChangeLog,v 1.4 2001/02/28 23:52:13 cgilmore Exp $

[ANNOUNCE] Apache::ProxyRewrite 0.12

2001-03-02 Thread Christian Gilmore 

The uploaded file

Apache-ProxyRewrite-0.12.tar.gz

has entered CPAN as

  file: $CPAN/authors/id/C/CG/CGILMORE/Apache-ProxyRewrite-0.12.tar.gz
  size: 11412 bytes
   md5: 3155ae03a511171270d88a8ead86677d

No action is required on your part
Request entered by: CGILMORE (Christian Gilmore)
Request entered on: Fri, 02 Mar 2001 21:17:46 GMT
Request completed:  Fri, 02 Mar 2001 21:18:12 GMT

Virtually Yours,
Id: paused,v 1.72 2000/12/26 15:12:53 k Exp k 


Apache::ProxyRewrite acts as a reverse-proxy that will rewrite
URLs embedded in HTML documents per apache configuration
directives.
 
This module was written to allow multiple backend services with
discrete URLs to be presented as one service and to allow the
proxy to do authentication on the client's behalf.

See ProxyRewrite.pm pod for detailed documentation.

$Id: README,v 1.1 2001/01/02 23:10:47 cgilmore Exp $


2001-03-02  Christian Gilmore [EMAIL PROTECTED]

o  Corrected mishandling of URL-shrinking in rewrite_url.
o  Ensured that parsing loop closes in the case of final
   missing end tag.
o  Now unescape headers for proxy request. Bug reported and
   patched by Eric Kolve.
o  Removed use of deprecated header_in and header_out in favor
   of current headers_in and headers_out.
o  Set-Cookie path is now rewritten. Feature requested by Eric
   Kolve.
o  Made release 0.12.

2001-01-14  Christian Gilmore [EMAIL PROTECTED]

o  Added 'base' as an element of the LINK_ELEMENT hash. Bug
   reported by Eric Kolve.
o  Made release 0.11.

2001-01-02  Christian Gilmore [EMAIL PROTECTED]

o  Made first public release 0.10.

$Id: ChangeLog,v 1.3 2001/03/02 21:12:48 cgilmore Exp $


Enjoy,
Christian

-
Christian Gilmore
Infrastructure  Tools Team Lead
Web  Multimedia Development
Tivoli Systems, Inc.

[JOB] Seeking Employment

2001-03-02 Thread Paul Singh 


Pardon me if I break convention but that is the intent.
 
In the most reductionist sense, I am looking for employment, but please
allow me a moment to indulge.
 
I am not desperate for a new job and quite frankly, I am well paid where I
am now... but after enduring two years of continued frustration and broken
promises I have reached the limits of my loyalty and have made the decision
to try something new -- one of the more difficult choices I've had to make.
 
I would like to partner with a smaller organization looking to create
something elegant -- a rough definition I know, but I am open to new
possibilities.
 
My educational background is mostly in psychology -- my professional
background is mostly in technology.  If you can see the intrinsic advantage
of this apparent dichotomy, then perhaps there is room for us to join
forces.
 
I have worked as a Database Administrator, as a Network Administrator, as a
Developer, as an Analyst, and am currently the Director of Development of a
small but growing technology department.
 
I look to do the same in the immediate future but with a concerted emphasis
on creativity and fostering a new business to take an idea, develop it
collaboratively, and reap the rewards (collaboratively).  My ultimate goal
is not to lead technology, but to lead business.
 
I live in Manhattan and would like to continue doing so, but would be
willing to consider most anything for a sufficiently compelling offer.
 
If you think there might be a match here, please allow me to buy you lunch.

Thanks.


Paul Singh

Apache::ASP Sessions + mod_ssl + ParanoidSessions

2001-03-02 Thread Eric Bellotti 


Is it possible that when "paranoid sessions" are enabled in Apache::ASP
under mod_ssl, sessions get occasionally dropped?  Not a big deal though. =)

EB

[JOB] mod_perl programmers needed

2001-03-02 Thread Gerd Kortemeyer 

We need programmers to work on an open source project

 http://www.lon-capa.org/

- check out "Technical Background" for some - guess what - technical
background (slightly outdated).

If this looks interesting to you, please send me an email off-the-list.
Note that this is a ".edu/.org" rather than a ".com" .

- Gerd.

[H/OT] time to vote

2001-03-02 Thread Stas Bekman 

FYI, half on topic here, as two of the candidates are our mod_perl
people... so if you didn't vote yet, it's a time to do so.


-- Forwarded message --
Date: Thu, 1 Mar 2001 17:28:44 -0800
From: www.perl.com update [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: www.perl.com: DBIx::Recordset VS DBI
Resent-Date: Fri, 2 Mar 2001 07:53:27 -0800
Resent-From: [EMAIL PROTECTED]

[snip]

Meanwhile, ActiveState has announced their first annual Programmers'
Choice awards. The candidates for the Perl category are:

* Rocco Caputo (POE)
* Paul Kulchenko (SOAP::Lite)
* Matt Sergeant (AxKit)
* Tim Vroom (perlmonks.com)
* Andy Wardley (Template Toolkit)

You can cast your votes until March 5th at:

http://www.ActiveState.com/Awards/

[snip]

Re: [H/OT] time to vote

2001-03-02 Thread Gunther Birznieks 

Who did you count among the two? I count 3 people who post here on the 
mod_perl list and support mod_perl (although to varying degrees) Andy, Matt 
and Paul.

At 12:48 PM 3/3/2001 +0800, Stas Bekman wrote:
FYI, half on topic here, as two of the candidates are our mod_perl
people... so if you didn't vote yet, it's a time to do so.


-- Forwarded message --
Date: Thu, 1 Mar 2001 17:28:44 -0800
From: www.perl.com update [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: www.perl.com: DBIx::Recordset VS DBI
Resent-Date: Fri, 2 Mar 2001 07:53:27 -0800
Resent-From: [EMAIL PROTECTED]

[snip]

Meanwhile, ActiveState has announced their first annual Programmers'
Choice awards. The candidates for the Perl category are:

 * Rocco Caputo (POE)
 * Paul Kulchenko (SOAP::Lite)
 * Matt Sergeant (AxKit)
 * Tim Vroom (perlmonks.com)
 * Andy Wardley (Template Toolkit)

You can cast your votes until March 5th at:

 http://www.ActiveState.com/Awards/

[snip]

Authentication handlers

2001-03-02 Thread Kiran Kumar.M 



hi ,
i'm using mod_perl authentication handler, where 
the user's credentials are checked against a database and in the database 
i have a flag which tells the login status (y|n),  but aftr the user logs out 
the status is changed to n , my problem is that after logging out if the 
user goes one page back and submits the browser sends the username and 
password again , and the status is changed to y . Is there any means of removing 
the username and password from the browsers cache.

Thanks in advance

Kiran

Re: Authentication handlers

2001-03-02 Thread Paul J. Lucas 

On Sat, 3 Mar 2001, Kiran Kumar.M wrote:

 Is there any means of removing the username and password from the browsers
 cache.

$r-nocache(1);

- Paul