apache configtest
Colin Walters
walters at redhat.com
Thu Oct 21 16:36:35 UTC 2004
On Thu, 2004-10-21 at 15:22 +0900, Makoto Otsu wrote:
> Apache configtest not work
>
> The following commands display nothing.
>
> # service httpd configtest
>
> or
>
> # httpd -t
Right - this is a consequence of the SELinux policy for Apache. We do
not want the httpd process to have access to your terminal. If it did,
a compromised or buggy httpd process could do very bad things.
The fix is to break the config-testing bit into its own binary. We
could have a wrapper around /usr/sbin/httpd which would parse arguments,
and exec /usr/sbin/httpd-configtest if the -t option is passed,
otherwise we exec /usr/sbin/httpd.real.
More information about the test
mailing list