From: "planless.user9" <planless.user9@proton.me>
To: 9front@9front.org
Subject: Re: [9front] httpd minimal configuration
Date: Tue, 21 Jun 2022 12:58:07 +0000 [thread overview]
Message-ID: <yRRvar7ERrJB3c1s1AzWaUgb1lA0r2eWSJEiDFRfuqQWKFuz1XSvBEP8nbvVzMSW7F7nXKBmqr-NOBJbK79Tl45j8TORPHfw4pyBiiR8XJI=@proton.me> (raw)
In-Reply-To: <CAFSF3XMUg5QdvYh7s6uNowCLi4eYx7o-RAEG=_YZKm=uOGYYxg@mail.gmail.com>
Thank you very much for your fast and helpful reply.
I will look at the source code in that case, hoping to get a simple web server set up.
Are there concrete insecurities in the implementation of namespaces?
------- Original Message -------
hiro <23hiro@gmail.com> schrieb am Dienstag, 21. Juni 2022 um 14:31:
> the most important documentation that will be useful for you to
> understand namespaces in practice will be the man page: fork(2)
>
> rc supports "rfork" command, so you can test it all out in your shell
> interactively. grep for rfork in rc man page.
>
> On 6/21/22, hiro 23hiro@gmail.com wrote:
>
> > > My preference would be httpd, however I can't find any documentation for
> > > it
> > > apart from the man page
> >
> > that's as intended. if there is important stuff missing in the man
> > page, please send a patch.
> >
> > > expected in the web root. Is it possible to put static html pages
> > > directly
> > > in it, or is a cgi expected?
> >
> > httpd doesn't do cgi, only static html. feel free to read the code to
> > find the implementation details.
> >
> > > Is there perhaps a simple example that I missed
> > > in my search on the wiki, fqa and via search engine?
> >
> > no.
> >
> > > I haven't quite figured out namespaces yet either, but the default
> > > configuration under /lib/namespace.httpd doesn't look to me like it would
> > > be
> > > usable without customization. (This is probably me, but I can't place
> > > "/usr/mike/www" "/n/emelieother" and "/srv/alice" or find the users and
> > > directories in my base system).
> >
> > you are correct.
> >
> > namespaces on the highest level might be a neat concept, but our
> > implementation sadly doesn't include an overall system security
> > concept.
> >
> > > What would be the minimum namespace configuration needed to display a
> > > static
> > > page?
> >
> > sorry.
> >
> > > The namespace concept makes it safe to run both a web server and a mail
> > > server on one physical device, right?
> >
> > no, practically right now, just spawn another cpu server instead.
> > physical separation is safer than user or namespace separation.
> >
> > i'd trust the fileserver's user separation a bit more, so that's the
> > only place where i'd share ressources.
next prev parent reply other threads:[~2022-06-21 13:00 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-21 11:48 planless.user9
2022-06-21 12:23 ` hiro
2022-06-21 12:31 ` hiro
2022-06-21 12:58 ` planless.user9 [this message]
2022-06-21 13:15 ` Jacob Moody
2022-06-21 14:06 ` planless.user9
2022-06-21 18:40 ` sirjofri
2022-06-22 6:25 ` william
2022-06-22 9:09 ` planless.user9
2022-06-22 9:29 ` umbraticus
2022-06-22 10:38 ` hiro
2022-06-21 17:52 ` mkf9
2022-06-21 17:44 ` mkf9
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='yRRvar7ERrJB3c1s1AzWaUgb1lA0r2eWSJEiDFRfuqQWKFuz1XSvBEP8nbvVzMSW7F7nXKBmqr-NOBJbK79Tl45j8TORPHfw4pyBiiR8XJI=@proton.me' \
--to=planless.user9@proton.me \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).