I'm writing security checklists for DoD. One requirement is to ensure that web servers can be configured to fail to known safe states.
Is there any documentation about lighttpd's failure modes? Can lighttpd be configured to fail to pre-defined states?
RE: Failure Modes - Added by gstrauss over 2 years ago
I don't know of any doc specifically geared towards failure modes. However, in many places, lighttpd does take the programming approach of aborting the program if inconsistency is detected.
If you are planning on documenting failure modes, I would suggest starting with a minimal set of modules (the defaults being mod_indexfile, mod_dirlisting, and mod_staticfile), documenting the most restrictive configuration, and then walking through the failure modes and/or how to apply least-privilege principles to obtain well-defined operational modes. The more modules that are added, the more complex the matrix of interactions becomes.
mod_staticfile is enabled by default and looks in the configured document root. mod_dirlisting and mod_indexfile are disabled by default unless configured (e.g. dir-listing.activate = "enabled"). These are the minimal set of modules that lighttpd expects to be able to load.