Permission Isolation by Dedicated Apache Processes for Subversion and Trac

Forkel, Robert; Wobst, André

アイテム詳細

登録内容を編集ファイル形式で保存

一時保存へ追加

タグ情報を表示リリース履歴を表示詳細要約

公開

ポスター

Permission Isolation by Dedicated Apache Processes for Subversion and Trac

MPS-Authors

/persons/resource/persons96313

Forkel, Robert
Innovations, Max Planck Digital Library, Max Planck Society;

/persons/resource/persons96359

Wobst, André
Innovations, Max Planck Digital Library, Max Planck Society;

External Resource

There are no locators available

Fulltext (restricted access)

There are currently no full texts shared for your IP range.

フルテキスト (公開)

公開されているフルテキストはありません

付随資料 (公開)

There is no public supplementary material available

引用

Forkel, R., & Wobst, A. (2007). Permission Isolation by Dedicated Apache Processes for Subversion and Trac. Poster presented at 24. DV-Treffen der MPG, Abbe-Zentrum Campus Beutenberg Jena.

引用: https://hdl.handle.net/11858/00-001M-0000-0013-863F-7

要旨

At Living Reviews we are serving content from various web applications and other internal sources on our public webservers. Our own web applications are run under specific user accounts configured to have minimal permissions. They are bound to the public webserver by proxy rewrite rules. For content typically served by the apache instance itself (subversion using webdav, trac instances using mod_python) we use additional apache instances running under separate accounts to limit file access for the internal data to those processes really needing them. The different apache instances are configured with minimal apache modules each (no mod_python for the subversion handling apache etc.). All apache instances use the binaries and modules provided by the distribution; only the config files differ.