Security information, Process model, Privileged images – Oracle Audio Technologies ORACLE9I B10508-01 User Manual

Security Information

Apache Server Installation/Configuration

D-27

$ SAY "Content-type: image/gif"

$ SAY ""

$ APACHE$DCL_BIN APACHE$ROOT:[ICONS]APACHE_PB.GIF

$ EXIT

Running the Oracle HTTP Server on OpenVMS 3ñ19

Security Information

The Oracle HTTP Server for OpenVMS is a non-privileged, user-mode, socket-based
network application

.

TMPMBX and NETMBX are the only privilege

requirements

.

The server runs under its own unique UIC and user account

(ORACLE).

Process Model

The Oracle HTTP Server runs as a single job which consists of:

■

A master process (ORACLE)

and

■

Several subprocesses

Subprocesses are created to service incoming HTTP requests and to execute CGI
scripts.

Because the server runs as a single job, the OpenVMS security profile for each
process is identical, and no enhanced mechanism is required for these processes to
communicate with one another

.

Resource utilization is controlled by a single user

account (ORACLE) where pooled quotas are defined.

Privileged Images

The Oracle HTTP Server performs three operations that require additional privilege:

■

Binding to a port below 1024 (privileged ports).

By default, the server binds to port 8080 (HTTP).

■

Fetching path information for other users.

The server provides a replacement for the getpwnam C RTL routine to allow
the server to fetch default path information for other users (required by
MOD_UTIL

and MOD_USERDIR).