Jeff Trawick wrote:
As others mentioned, that big number has the same representation as 32-bit
-1. I checked a couple of systems and gid_t is unsigned 32-bit there,
and Apache treats the number as gid_t internally. The user can code that
big unsigned number for group if they want to. Operation
* Justin Erenkrantz wrote:
> --On Friday, January 24, 2003 00:11:22 +0100 André Malo <[EMAIL PROTECTED]>
> wrote:
>
>>> + * 20020903.1 (2.0.44-dev) allow_encoded_slashes added to
>>> core_dir_config
>>
>> This should now be 2.0.45-dev, shouldn't it?
>
> 2.1.0-dev. -- justin
*err* yes ...
--On Friday, January 24, 2003 00:11:22 +0100 André Malo <[EMAIL PROTECTED]>
wrote:
+ * 20020903.1 (2.0.44-dev) allow_encoded_slashes added to
core_dir_config
This should now be 2.0.45-dev, shouldn't it?
2.1.0-dev. -- justin
* [EMAIL PROTECTED] wrote:
> Index: ap_mmn.h
> ===
> RCS file: /home/cvs/httpd-2.0/include/ap_mmn.h,v
> retrieving revision 1.52
> retrieving revision 1.53
> diff -u -u -r1.52 -r1.53
> --- ap_mmn.h3 Sep 2002 23:3
>
> I don't, but repositories with no community and bad license markup
> aren't what we're here for.
Part of the issue is that the project never got enough publicity, it
did not have a home page, documentation, etc. For a long time, it was not
even linked from anywhere in the Apache website, I r
Bill Stoddard wrote:
I am -0 for including it in the httpd repository.
An opinion not without merit. Do other folks feel similarly? (or maybe
Bill want's to put more words into the negative space).
Thomas Eibner wrote:
Why would you want to retire it?
I don't, but repositories with no commu
> > What adverse behavior if any will I see on linux if I have a module that forks,
>and immediately calls signal(SIGHUP, SIG_IGN) and signal(SIGCLD, SIG_IGN) when using
>the worker MPM?
>
> It will be propagated to everything you spawn off.
> Most programs presume that they can catch children
>
T Ford wrote:
>
> What adverse behavior if any will I see on linux if I have a module that forks, and
>immediately calls signal(SIGHUP, SIG_IGN) and signal(SIGCLD, SIG_IGN) when using the
>worker MPM?
It will be propagated to everything you spawn off.
Most programs presume that they can catch c
What adverse behavior if any will I see on linux if I have a module that forks, and
immediately calls signal(SIGHUP, SIG_IGN) and signal(SIGCLD, SIG_IGN) when using the
worker MPM?
Torin Ford
Venturi Technology Partners
--
__
http://www.linuxmail.org/
On Thu, 23 Jan 2003, Bill Stoddard wrote:
> This patch fixes a segfault I see serving files cached by MMapFile.
> First request is okay, subsequent request segfaults in an mmap ring
> macro during apr_brigade_destroy because the next pointer is null.. I
Ahh... right you are. I can explain
On Thu, Jan 23, 2003 at 11:10:11AM -0500, Bill Stoddard wrote:
> Thomas Eibner wrote:
>
> >On Thu, Jan 23, 2003 at 10:22:16AM -0500, Ben Hyde wrote:
> >
> >
> >>Moving to closure on the decision - my sense is that this plan is
> >>acceptable.
> >>
> >>Now we can transition to doing the deed. A
Thomas Eibner wrote:
On Thu, Jan 23, 2003 at 10:22:16AM -0500, Ben Hyde wrote:
Moving to closure on the decision - my sense is that this plan is
acceptable.
Now we can transition to doing the deed. Anybody got enough of an itch
around that code to rescue it?
I'll advocate retiring it othe
This patch fixes a segfault I see serving files cached by MMapFile.
First request is okay, subsequent request segfaults in an mmap ring
macro during apr_brigade_destroy because the next pointer is null.. I
did not spend time trying to figure out exactly why the next pointer was
null, but looki
Just to keep people posted. I checked with Ryan and:
1. The code is most assuredly under the Apache License.
2. Ryan is fine with it being merged into httpd
3. The code is 100% assigned to the ASF.
Daniel Lopez wrote:
>
>
> I'd like to integrate it. I guess the best location for now is
I think this covers most of the points...
--- Begin Message ---
I just finished reading this so-called whitepaper and the press release, and
all I can say is hyped, sensationalised snakeoil.
The HttpOnly cookie feature, a proprietary Microsoft extension designed to
mitigate a single aspect of XSS
I'd like to integrate it. I guess the best location for now is experimental/ ?
> Moving to closure on the decision - my sense is that this plan is
> acceptable.
>
> Now we can transition to doing the deed. Anybody got enough of an itch
> around that code to rescue it?
>
> I'll advocate retir
Say you have a reverse proxy server in front of your web server. If you do a
trace to the reverse proxy server that would execute the trace on the web
server revealing that information.
-MJ
> -Original Message-
> From: André Malo [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 23, 2
On Thu, Jan 23, 2003 at 10:22:16AM -0500, Ben Hyde wrote:
> Moving to closure on the decision - my sense is that this plan is
> acceptable.
>
> Now we can transition to doing the deed. Anybody got enough of an itch
> around that code to rescue it?
>
> I'll advocate retiring it otherwise. - b
* Johnson, Michael wrote:
> I would guess some error message should be displayed. Forbidden/ Method not
> allowed?
By the nature of TRACE I don't see that it would make much sense for an
origin server.
For a (mod_)proxy a 405 may be useful for security reasons.
YMMV.
nd
--
my @japh = (sub{q~J
I would guess some error message should be displayed. Forbidden/ Method not
allowed?
> -Original Message-
> From: André Malo [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 23, 2003 10:18 AM
> To: [EMAIL PROTECTED]
> Subject: Re: RFC TRACE
>
>
> * Johnson, Michael wrote:
>
> > Can
Correct this is from that article. Though similar attacks in the past were
done like this with the echo service. I don't think its overreacting
especially with this article out now im sure a number of people will be
playing with this.
Limit Trace did not work hence myself starting to hack into the
Moving to closure on the decision - my sense is that this plan is
acceptable.
Now we can transition to doing the deed. Anybody got enough of an itch
around that code to rescue it?
I'll advocate retiring it otherwise. - ben
On Tuesday, January 21, 2003, at 10:10 AM, Ben Hyde wrote:
Some part
* Johnson, Michael wrote:
> Can Trace be disabled im looking through the source and not seeing a flag to
> disable this?
per configuration - no.
But a trace request is mostly fulfilled, if there comes *any* answer. So
what should happen? Close the connection? Not very polite ;-)
nd
--
my @japh
On Thu, Jan 23, 2003 at 09:59:53AM -0500, Johnson, Michael wrote:
> Can Trace be disabled im looking through the source and not seeing a flag to
> disable this?
Let the over-reacting begin. :-P
(In case someone missed it, the "whitepaper" for what he's reacting to is
available at http://www.whit
Can Trace be disabled im looking through the source and not seeing a flag to
disable this?
Thanks
-MJ
Graham Leggett wrote:
Hi all,
While testing mod_ldap, I noticed it was creating a shared memory file
like so:
[minfrin@jessica httpd-2.0]$ ls -al /tmp/mod_ldap_cache
-rw-r--r--1 nobody 42949672954 Jan 22 14:09
/tmp/mod_ldap_cache
As others mentioned, that big number has the sam
26 matches
Mail list logo