Hosting Provided By

Re: Apache 2.x leaked descriptors

From: Steve Grubb <linux_4ever(at)yahoo.com>
Date: Tue Feb 25 2003 - 13:41:04 EST

('binary' encoding is not supported, stored as-is)
In-Reply-To: <20030224132559.5665.qmail@www.securityfocus.com>

>I think the real way to fix this for CGI is to have the parent process

Yes, this is the correct fix and easy enough to do. I just don't know why they've blown it off for 4 months. This fix should be applied to all files, pipes, and sockets.

So far, this thread has pretty much centered on whether or not access & error log inheritance is a problem. Has anyone looked to see what the scope of the problem is? (Maybe that would convince some people.) Has anyone played with various modules looking to see if anything beyond access or error logs are available? For example, if you look at mod_php, they leak the file descriptor from accept() and the descriptor to the php page being executed in addition to all the other descriptors.

There's a lot of apache modules...

-Steve Grubb Received on Tue Feb 25 18:49:37 2003

This message: [ Message body ]
Next message: Mike Mires: "freeconsole()"
Previous message: Christian Kratzer: "Re: Apache 2.x leaked descriptors"
In reply to: Steve Grubb: "Re: Apache 2.x leaked descriptors"
In reply to Michael Wojcik: "RE: Apache 2.x leaked descriptors"
Next in thread: David M. Wilson: "Re: Apache 2.x leaked descriptors"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:38 EDT