[Bug 173388] Review Request: Denial of Service evasion module for Apache
bugzilla at redhat.com
bugzilla at redhat.com
Tue Dec 20 20:44:37 UTC 2005
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: Denial of Service evasion module for Apache
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=173388
------- Additional Comments From mpeters at mac.com 2005-12-20 15:44 EST -------
(In reply to comment #13)
> I don't agree that the package should automatically restart apache, though.
> Apache restarts are rarely sane, so I'd rather be cautious and let the admin do
> the restart on eir own.
If they are installing the module, they can't use it unless they restart it.
Furthermore, there is the update issue.
Security hole found in package - update issued.
Sysadmin has yum running as a service to update his system.
He checks the rpm - thinks he's safe because it's at patch level, but since
apache hasn't restarted he's vulnerable.
-=-
Any comments from packaging veterans on this?
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the fedora-extras-list
mailing list