fredk2 wrote:
Hi, is there any reasons why you would not want in production (or hardened server) an apache compiled with -enable-exception-hook?
Yes. You can and should expect that once the server is compromised, it's possible although highly unlikely that the actual target of that hook is also compromised. Many would rather that the process was brought down, hard, at the first exception, and that code no longer ran in that context. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|