apache 1.3.26?
Paul J. Lucas
yellowdog-general@lists.terrasoftsolutions.com
Mon Jun 24 12:21:01 2002
On 24 Jun 2002, Konstantin Riabitsev wrote:
> In fact, I'd recommend grabbing an src.rpm from the 7.2 updates and
> rebuilding it -- there are some things in the redhat version of apache, such
> as default user being apache vs. nobody
If you administer Apache and you don't know enough to edit the
configuration file to set it for your site, you shouldn't be
administering it in the first place.
At least on Solaris, there is a reason you might want to keep
the process owner as "nobody." Under Solaris, "nobody" has
fewer access privileges that regular non-root users. Granted,
this is a Linux mailing list; but there are plenty of mixed
environments and having a single configuration is a big help.
Anyway, having "apache" as the process owner means squat. It
doesn't matter what the name of the user is just so long as
it's not root. You can call it www, web, or scooby for all it
cares.
> and several other patches, not to mention an integrated mod_ssl.
1. You can easily build in mod_ssl yourself.
2. Unless you're using SSL *and* have a valid certificate, this
is irrelevant.
> You don't really gain much by wanting 1.3.26.
Except the recent security-hole fix. That's the entire point of
that release.
> You can also try rebuilding apache-1.3.23-14 from the 7.3 updates -- it
> should work just fine as well without the gotchas of trying to use an RPM
> from some other distro or building things from source.
There are no "gotcha's" in building from source. If somebody
is a sysadmin and can't build Apache from source, s/he should
be fired for being incompetent.
- Paul