From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.2 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 Received: (qmail 8632 invoked from network); 21 Jun 2022 13:00:39 -0000 Received: from 9front.inri.net (168.235.81.73) by inbox.vuxu.org with ESMTPUTF8; 21 Jun 2022 13:00:39 -0000 Received: from mail-4318.protonmail.ch ([185.70.43.18]) by 9front; Tue Jun 21 08:58:20 -0400 2022 Date: Tue, 21 Jun 2022 12:58:07 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proton.me; s=protonmail3; t=1655816294; x=1656075494; bh=B8rBDVvs4AIy3MevC9oq1se4A2gwGsBZE3Sf07z63Qw=; h=Date:To:From:Reply-To:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID; b=LvSRXKxuD0dXvKKvg5sVw3vOkdN0azlZnUMBpzugZukgrt4dTioceSS3sJx/Fwgzf 5yVYKBICXMURTmn1ukTGgmSXNoPGSfBu+tJaX9Ekn1q7oJwEG8OMWLqkZYgOfYv0nR l+CiEov+OC6D7ZG2ztaHd1mdg4g0gqoxJMgAeyQZagsWNyaEQ+Ug+vm336+xvuPhOz HAwAnyILPy7SOkuQIVzXxRbEg0NPVevkRUvEElyWOnXTFbCHenofAanEouoKo0okmU F+7AOSrCJQYsJ8ICcr0cV2+Gu2dcqGyVyJJUfpK1CPDuGUD8s4Z7t3pKQPTYZ5DnPB azgE1wtJLlOWw== To: 9front@9front.org From: "planless.user9" Message-ID: In-Reply-To: References: Feedback-ID: 50494670:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: replication cloud singleton property control Subject: Re: [9front] httpd minimal configuration Reply-To: 9front@9front.org Precedence: bulk Thank you very much for your fast and helpful reply. I will look at the source code in that case, hoping to get a simple web ser= ver set up. Are there concrete insecurities in the implementation of namespaces? ------- Original Message ------- hiro <23hiro@gmail.com> schrieb am Dienstag, 21. Juni 2022 um 14:31: > the most important documentation that will be useful for you to > understand namespaces in practice will be the man page: fork(2) > > rc supports "rfork" command, so you can test it all out in your shell > interactively. grep for rfork in rc man page. > > On 6/21/22, hiro 23hiro@gmail.com wrote: > > > > My preference would be httpd, however I can't find any documentation = for > > > it > > > apart from the man page > > > > that's as intended. if there is important stuff missing in the man > > page, please send a patch. > > > > > expected in the web root. Is it possible to put static html pages > > > directly > > > in it, or is a cgi expected? > > > > httpd doesn't do cgi, only static html. feel free to read the code to > > find the implementation details. > > > > > Is there perhaps a simple example that I missed > > > in my search on the wiki, fqa and via search engine? > > > > no. > > > > > I haven't quite figured out namespaces yet either, but the default > > > configuration under /lib/namespace.httpd doesn't look to me like it w= ould > > > be > > > usable without customization. (This is probably me, but I can't place > > > "/usr/mike/www" "/n/emelieother" and "/srv/alice" or find the users a= nd > > > directories in my base system). > > > > you are correct. > > > > namespaces on the highest level might be a neat concept, but our > > implementation sadly doesn't include an overall system security > > concept. > > > > > What would be the minimum namespace configuration needed to display a > > > static > > > page? > > > > sorry. > > > > > The namespace concept makes it safe to run both a web server and a ma= il > > > server on one physical device, right? > > > > no, practically right now, just spawn another cpu server instead. > > physical separation is safer than user or namespace separation. > > > > i'd trust the fileserver's user separation a bit more, so that's the > > only place where i'd share ressources.