How ZFS saved the Apache Foundation

vivek

Aspiring Daemon

Reaction score: 197
Messages: 805

Nice info. The main problem with the Apache is lack of file system control for httpd user. jail solves this problem by locking down www user to a jail directory. Other web server such as lighttpd offers chroot() security feature. jail is was the main reason when we made switch from both Sun and Linux server. Our corporate image server was hacked and replaced all images with nasty / pr0n images in 2001. Since FreeBSD we never got such a problem.
 

tanked

Active Member

Reaction score: 1
Messages: 111

As they are using ZFS does anyone know whether its on a FreeBSD or Solaris platform?
 
OP
DutchDaemon

DutchDaemon

Administrator
Staff member
Administrator
Moderator
Developer

Reaction score: 3,120
Messages: 11,416

Solaris. It's in there.

aurora.apache.org runs Solaris 10, and we were able to restore the box to a known-good configuration by cloning and promoting a ZFS snapshot from a day before the CGI scripts were synced over
 
OP
DutchDaemon

DutchDaemon

Administrator
Staff member
Administrator
Moderator
Developer

Reaction score: 3,120
Messages: 11,416

BTW, the topic title is, of course, a little hyperbolic.
 

saxon3049

Active Member

Reaction score: 14
Messages: 208

It's just nice that a company is open about a security breach and is giving credit to the right people and systems for helping them to recover.
 

tingo

Son of Beastie

Reaction score: 626
Messages: 2,523

Nice. Kudos to the ASF for providing detailed information that can help others.
 

anemos

Member

Reaction score: 16
Messages: 58

Very nice of them indeed to share with public their Achilles' Heel as well as the things that helped them recover. Unfortunately, though I happened on the site at that time, I didn't grab a screenshot. �e
 
Top