Parsing, Priv Separation and chroot
I fixed up the parsing issues on Shelob so that it is somewhat respectable, instead of a bunch of hacks. It was obvious once I started looking at what the client was sending me (the LiveHTTP headers Firefox extension rocks) that I needed to break up each line and then separate the values into a name and value. After rewriting the getHeaders() function to use STL hash tables, not only is the code more flexible, but it is also cleaner. For example:

[code]
log.writeLogLine(inet_ntoa(sock->client.sin_addr), request_line, 200, size, headermap["Referer"], headermap["User-Agent"]);
[/code]

Here, with the headermap, it is obvious what values I am passing. Before the rewrite, I just had a bunch of tokens[3], tokens[5], etc.

I'm also toying around with the idea of privilege separation and chroot jails. This sort of flows with the previous post of a micro-kernel type approach, similar to how Postfix works. While it is more secure, the programming challenges are pretty high. I may leave that for a later version. I still have a bit of cleanup to do before a release.

Aside: Theo de Raadt gave a nice presentation on exploit mitigation techniques that OpenBSD is using which relates to some of these ideas.
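The header splitting described above, as an added example that is not Shelob's own code: it builds the name/value map and reads fields for logging without `operator[]`, which would insert an empty entry for a header the client never sent. `HeaderMap`, `parseHeaders`, `logField` and `kSampleHeaders` are hypothetical names, and `std::unordered_map` stands in for the "STL hash tables" the post mentions.

```cpp
#include <algorithm>
#include <cctype>
#include <sstream>
#include <string>
#include <unordered_map>

using HeaderMap = std::unordered_map<std::string, std::string>;

// Constructed sample (not captured traffic); User-Agent carries a lone CR.
const std::string kSampleHeaders =
    "Host: example.test\r\nUSER-AGENT: demo\rinjected\r\nno colon here\r\n\r\n";

// Trim spaces and tabs from both ends of a header value.
static std::string trim(const std::string& s) {
    const auto b = s.find_first_not_of(" \t");
    if (b == std::string::npos) return "";
    return s.substr(b, s.find_last_not_of(" \t") - b + 1);
}

// Split the header block (everything after the request line) into a
// name -> value map. Names are lower-cased because HTTP header names are
// case-insensitive; lines without a colon are skipped, not guessed at.
HeaderMap parseHeaders(const std::string& block) {
    HeaderMap headers;
    std::istringstream in(block);
    std::string line;
    while (std::getline(in, line)) {
        if (!line.empty() && line.back() == '\r') line.pop_back();
        if (line.empty()) break;  // blank line ends the header block
        const auto colon = line.find(':');
        if (colon == std::string::npos || colon == 0) continue;
        std::string name = line.substr(0, colon);
        std::transform(name.begin(), name.end(), name.begin(),
            [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
        headers[name] = trim(line.substr(colon + 1));
    }
    return headers;
}

// Fetch a header for the access log: "-" when absent or empty, and control
// characters replaced so a client-supplied value cannot split the log line.
std::string logField(const HeaderMap& headers, const std::string& name) {
    const auto it = headers.find(name);
    if (it == headers.end() || it->second.empty()) return "-";
    std::string out = it->second;
    std::replace_if(out.begin(), out.end(),
        [](unsigned char c) { return std::iscntrl(c) != 0; }, '?');
    return out;
}
```

Lookups use the lower-cased name, for example `logField(headers, "referer")`; when a header is repeated, the last value wins in this sketch.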