BS2000 Security: BS2000 needs extra authentication

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@81116 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/docs/manual/mod/core.html b/docs/manual/mod/core.html
index fc735e637e6a80e850d3ffb05437afda15780ca4..7b86937e94439f673a43b347e7187ffcdd7fd99a 100644 (file)
--- a/docs/manual/mod/core.html
+++ b/docs/manual/mod/core.html
@@ -28,6 +28,7 @@ always available.
 <LI><A HREF="#authname">AuthName</A>
 <LI><A HREF="#authtype">AuthType</A>
 <LI><A HREF="#bindaddress">BindAddress</A>
+<LI><A HREF="#bs2000authfile">BS2000AuthFile</A>
 <LI><A HREF="#clearmodulelist">ClearModuleList</A>
 <LI><A HREF="#contentdigest">ContentDigest</A>
 <LI><A HREF="#coredumpdirectory">CoreDumpDirectory</A>
@@ -354,6 +355,43 @@ HREF="#virtualhost">&lt;VirtualHost&gt;</A></CODE> sections.
 
 <HR>
 
+<H2><A name="bs2000authfile">BS2000AuthFile directive</A></H2>
+<!--%plaintext &lt;?INDEX {\tt BS2000AuthFile} directive&gt; -->
+<A
+ HREF="directive-dict.html#Syntax"
+ REL="Help"
+><STRONG>Syntax:</STRONG></A> BS2000AuthFile <EM>authfile</EM><BR>
+<A
+ HREF="directive-dict.html#Default"
+ REL="Help"
+><STRONG>Default:</STRONG></A> <EM>none</EM><BR>
+<A
+ HREF="directive-dict.html#Context"
+ REL="Help"
+><STRONG>Context:</STRONG></A> server config<BR>
+<A
+ HREF="directive-dict.html#Status"
+ REL="Help"
+><STRONG>Status:</STRONG></A> core<BR>
+<STRONG>Compatibility:</STRONG></A> BS2000AuthFile is only available for BS2000 machines, as of Apache 1.3 and later.<P>
+
+The <CODE>BS2000AuthFile</CODE> directive is available for BS2000 hosts
+only. It must be used to define the password file which is used to
+change the BS2000 task environment of the server to the non-privileged
+account specified by the <A HREF="#user">User</A> directive. This is
+required in the BS2000 POSIX subsystem (by performing a sub-LOGON) to
+prevent CGI scripts from accessing resources of the privileged account
+which started the server, usually <SAMP>TSOS</SAMP>.<BR>
+Note that the specified <EM>authfile</EM> must be owned by the super
+user and must not be readable or writable by anyone else, otherwise
+Apache will refuse to start and exit with an error message.<BR>
+Only one <CODE>BS2000AuthFile</CODE> directive can be used. <P>
+
+<P><STRONG>See Also:</STRONG>
+<A HREF="../ebcdic.html">Apache EBCDIC port</A></P>
+
+<HR>
+
 <H2><A name="clearmodulelist">ClearModuleList directive</A></H2>
 <!--%plaintext &lt;?INDEX {\tt ClearModuleList} directive&gt; -->
 <A

diff --git a/docs/manual/mod/directives.html b/docs/manual/mod/directives.html
index 3b0c97fe9e738a192d6b2b13d4578b430dec9209..ae2952f62f27f87a2564bd25f1ef584fd82aad3a 100644 (file)
--- a/docs/manual/mod/directives.html
+++ b/docs/manual/mod/directives.html
@@ -67,6 +67,7 @@ of the terms used in their descriptions available.
 <LI><A HREF="core.html#bindaddress">BindAddress</A>
 <LI><A HREF="mod_setenvif.html#BrowserMatch">BrowserMatch</A>
 <LI><A HREF="mod_setenvif.html#BrowserMatchNoCase">BrowserMatchNoCase</A>
+<LI><A HREF="core.html#bs2000authfile">BS2000AuthFile</A>
 <LI><A HREF="mod_proxy.html#cachedefaultexpire">CacheDefaultExpire</A>
 <LI><A HREF="mod_proxy.html#cachedirlength">CacheDirLength</A>
 <LI><A HREF="mod_proxy.html#cachedirlevels">CacheDirLevels</A>