# How ZFS saved the Apache Foundation



## DutchDaemon (Sep 4, 2009)

https://blogs.apache.org/infra/entry/apache_org_downtime_report

Doubles as a nice primer for additional security measures as well


----------



## vivek (Sep 4, 2009)

Nice info. The main problem with the Apache is lack of file system control for httpd user. jail solves this problem by locking down www user to a jail directory. Other web server such as lighttpd offers chroot() security feature. jail is was the main reason when we made switch from both Sun and Linux server. Our corporate image server was hacked and replaced all images with nasty / pr0n images in 2001. Since FreeBSD we never got such a problem.


----------



## Alt (Sep 4, 2009)

Very interesting reading! Tnx)


----------



## CodeBlock (Sep 4, 2009)

Yeah very interesting. Nice find!


----------



## tanked (Sep 4, 2009)

As they are using ZFS does anyone know whether its on a FreeBSD or Solaris platform?


----------



## DutchDaemon (Sep 4, 2009)

Solaris. It's in there.



> aurora.apache.org runs Solaris 10, and we were able to restore the box to a known-good configuration by cloning and promoting a ZFS snapshot from a day before the CGI scripts were synced over


----------



## DutchDaemon (Sep 4, 2009)

BTW, the topic title is, of course, a little hyperbolic.


----------



## saxon3049 (Sep 4, 2009)

It's just nice that a company is open about a security breach and is giving credit to the right people and systems for helping them to recover.


----------



## tingo (Sep 4, 2009)

Nice. Kudos to the ASF for providing detailed information that can help others.


----------



## anemos (Sep 4, 2009)

Very nice of them indeed to share with public their Achilles' Heel as well as the things that helped them recover. Unfortunately, though I happened on the site at that time, I didn't grab a screenshot. ï¿½e


----------



## tekkon (Sep 6, 2009)

Great post. A lot of security experiences gained from it.


----------

